emails Archives - DevOps Online North America

Chinese government to be blamed for the hack of Microsoft Exchange

Yashesh Patel — Tue, 20 Jul 2021 10:02:16 +0000

It was recently reported that a group of Western countries has accused China of being behind the hacking of Microsoft Exchange.

Indeed, the statement made by these countries is blaming the Chinese Ministry of State Security (MSS) for malicious cyber activity and for undermining global stability and security.

The attack on Microsoft impacted around 30,000 organizations globally and is stated to be from a Chinese cyber-espionage group that exploited a vulnerability in Microsoft Exchange, hence, giving the hackers remote access to the email inboxes.

The group is said to be state-sponsored and operating out of China. However, China refutes any accusation and declared that it opposes all forms of cybercrime.

The post Chinese government to be blamed for the hack of Microsoft Exchange appeared first on DevOps Online North America.

Dow Jones expose private records

Leah Alger — Mon, 17 Jul 2017 14:03:15 +0000

Dow Jones configured a cloud-computing service, which lead to exposing unauthorised access about subscribers, such as addresses and other private information.

According to a Dow Jones spokesman, around 2.2 million subscribers records were affected, including customer names, emails, physical addresses, usernames and the last four digits on credit cards.

The Dow Jones spokesman said: “We immediately remedied the situation and have no reason to believe that any data was taken.

“The data did not include full credit-card or account-login information that could pose a significant risk for consumers or require notification.”

Cyber security firm UpGuard notified Dow Jones of the exposed data after discovering it.

Written by Leah Alger

The post Dow Jones expose private records appeared first on DevOps Online North America.

Gloucester Council fined for hoarding sensitive information

Leah Alger — Wed, 14 Jun 2017 08:53:04 +0000

The Information Commissioner’s Office (ICO) has charged Gloucester Council with a £100,000 fine because of finding 30,000 emails consisting of sensitive information downloaded by cyber attack group Anonymous.

According to ICO, the council did not have sufficient processes in place to make sure its systems had been updated while changes to suppliers were made.

Veracode Manager Paul Farrington noted that council officials could have protected the 30,000 leaked email records without incurring any additional cost burden. “Top of the list, will be the notion that the council had outsourced the responsibility to a third-party IT provider to manage vulnerabilities.”

Protecting individuals privacy

“The reality however, is that you can’t outsource the obligation to protect the privacy of individuals. Whilst one might be able to cut costs by getting a firm to look after day-to-day tasks, the buck still stops with the data owner – in this case Gloucester City Council,” he added.

Managing Director of Gloucester Council believes that the fine will only result in money being taken from local citizens and given to HM Treasury.

Written from press release and source by Leah Alger

Source: BBC

The post Gloucester Council fined for hoarding sensitive information appeared first on DevOps Online North America.