The hottest Data Breach Substack posts right now

NY AG Sues Citibank For Insufficient Data Security Measures, Failure to Address Scams

Metacurity • 1434 implied HN points • 31 Jan 24

The New York Attorney General sued Citibank for insufficient data security measures and failure to address scams.
Citibank is accused of not doing enough to prevent unauthorized account takeovers and misleading customers about their rights after being hacked.
The lawsuit alleges that Citibank has overpromised and underdelivered on security measures and failed to respond to red flags.

Insomniac breach

SuperJoost Playlist • 216 implied HN points • 21 Dec 23

🕹 Technology Gaming Data Breach Cybersecurity Tech industry Software Development

The business of hacking video game publishers is growing, with recent incidents showing flaws in hackers' business fundamentals.
Hacking video game companies does not always result in financial gain for the hackers, as evidenced by unsuccessful attempts to sell stolen data.
Leaking information about upcoming video games may actually generate more excitement and interest in the games rather than spoil the experience for players.

Threats Without Borders - Issue 165

Threats Without Borders • 78 implied HN points • 16 Jan 24

🕹 Technology Cybercrime Ransomware Malware Scams Data Breach

Paying ransomware rewards criminals and perpetuates the problem.
Small businesses often face the dilemma of paying ransomware or shutting down.
Outlawing ransomware payments may turn small business owners into criminals.

Threats Without Borders - Issue 164

Threats Without Borders • 78 implied HN points • 09 Jan 24

🕹 Technology Cybersecurity Ransomware Data Breach Identity Verification

Online banks have a frictionless account creation process, raising concerns about identity verification.
Regions Bank suffered significant losses due to changes in check holding policies.
Security firm Emsisoft advocates for banning ransomware payments to discourage criminal behavior.

Russia's Midnight Blizzard Gained Access to HP's Email System

Metacurity • 58 implied HN points • 25 Jan 24

🕹 Technology Cybersecurity Data Breach Cloud Computing Information Security

Russia's Midnight Blizzard targeted HP's email system in a cyberattack.
The breach involved unauthorized access to HPE's cloud-based email system.
HPE suspects a Russian-state hacking group, Midnight Blizzard, for this data breach.

Get a weekly roundup of the best Substack posts, by hacker news affinity:

Threats Without Borders - Issue 166

Threats Without Borders • 58 implied HN points • 23 Jan 24

🕹 Technology Cybersecurity Hacking Data Breach Security Measures Scams

Password spray attacks can be stealthy and evade detection for extended periods.
Defend against password spray attacks by using strong, unique passwords and enabling multi-factor authentication.
The cyber talent shortage is not about degree requirements but unrealistic job expectations.

Limited distribution: OptimEyes (67.8 GB)

Distributed Email of Secrets • 455 implied HN points • 12 May 23

🕹 Technology Cybersecurity Data Breach Risk Assessment AWS Journalism

Limited distribution of OptimEyes dataset containing credentials leaked from a cybersecurity company
Dataset includes critical AWS keys and is available only to journalists & researchers
DDoSecrets seeks donations to continue operations

Release: ACPeds (20 GB)

Distributed Email of Secrets • 455 implied HN points • 03 May 23

🌐 International Leaks Data Breach Ethics

Data leak from the American College of Pediatricians reveals sensitive information like donor details and passwords
The leaked files include internal documents about ACPeds donors, finances, and members' information
ACPeds has faced rejection as an Amazon Smile charity and scrutiny for using questionable sources for information

Russian Hacking Group MidnightBlizzard Stole Emails From Microsoft Execs, Employees

Metacurity • 39 implied HN points • 22 Jan 24

🕹 Technology Cybersecurity Hacking Data Breach Malware Digital Security

Russian hacking group MidnightBlizzard, also known as Nobelium, breached Microsoft networks and stole emails from executives and employees.
The breach was detected in November but Microsoft began notifying affected staff in January.
Hackers used a password spray attack on an old test account to access multiple email streams.

Must Learn AI Security Part 6: Model Inversion Attacks Against AI

Rod’s Blog • 39 implied HN points • 23 Aug 23

🕹 Technology AI Security Privacy Data Breach Cybersecurity Machine Learning

A Model Inversion attack against AI involves reconstructing training data by only having access to the model's output, posing risks to data privacy.
There are two main types of Model Inversion attacks: black-box attack and white-box attack, differing in the level of access the attacker has to the AI model.
Model Inversion attacks can have severe consequences like privacy violation, identity theft, loss of trust, legal issues, and misuse of sensitive information, emphasizing the need for robust security measures.

The inspiration of early hacker culture; not your father’s DDoS; Prigozhin mutiny in cyberspace; China inching toward Ukraine? MOVEIt hack raises risk of deepfake scams

Natto Thoughts • 19 implied HN points • 30 Jun 23

🕹 Technology Cybersecurity Hacking Geopolitics Data Breach Deepfake

The German television miniseries 'The Billion Dollar Code' on Netflix captures the excitement of early hacker culture.
Distributed denial-of-service (DDoS) attacks are evolving in sophistication and targeting new entities, posing significant cyber risks.
China's potential support for Ukraine in reclaiming disputed territories, like Crimea, signifies a shift in geopolitical dynamics and requires careful observation.

Nibble #12

The Nibble • 14 implied HN points • 18 Jun 23

🕹 Technology AI Data Breach AGI Software Development

CoWIN experienced an alleged data breach involving sensitive personal information like Aadhar and passport details.
Google recently sold its domain business to Squarespace.
OpenAI released new updates, including powerful API enhancements and feature additions.

"We've obtained all your internal data, including your secrets."

Links I Would Gchat You If We Were Friends • 0 implied HN points • 23 Nov 15

🕹 Technology Social media Data Breach Online Communication Cybersecurity Tech industry

Tech-site intrigue includes a story about Tinder executive Whitney Wolfe and a Sony hack experience.
Comments from the internet's comments section show interesting confessions and the hidden humanity of commenters.
Other interesting snippets include details about the Russian version of Telegram, toxic remains in Silicon Valley, and quirky GPS directions.