Tag Archive for: confidential

Government agrees law to protect confidential journalistic material from state hacking

/in


The government has agreed to bring in legislation to require MI5 and GCHQ to seek independent authorisation before accessing confidential journalistic material obtained through the bulk hacking of phones or computer systems.

The Investigatory Powers (Amendment) Bill, which was debated in the House of Commons yesterday (Monday 19 February), will require the intelligence services to seek independent approval from the investigatory powers commissioner before accessing journalistic material or material that could identify a confidential journalistic source.

The concession follows a seven-year legal challenge brought by human rights organisation Liberty with the support of the National Union of Journalists (NJU).

It follows separate warnings from technology companies and rights organisations that proposed changes to the Investigatory Powers Act would disrupt the ability of technology companies to apply security updates and introduce end-to-end encryption.

The government has asked Liberty to drop legal proceedings against it in the light of a proposed amendment to the Investigatory Powers Bill 2016 that will require an independent body to review all requests to search and retain confidential journalistic information obtained through bulk hacking of computers, phones and tablets.

Journalists exposed to state surveillance and interference

Under current law, security and intelligence agencies and other state bodies can search for confidential journalist material, including emails, calls and texts, among data obtained through bulk hacking operations without the need for prior authorisation from a judicial commissioner.

The government introduced similar protections for journalistic material obtained through bulk interception in March 2023 following a landmark ruling by the European Court of Human Rights in the case of “Big Brother Watch and others v UK”,  which found that bulk interception of communications data breached the privacy rights of UK citizens.

Megan Goulding, a lawyer for Liberty, said journalists have been exposed to state surveillance and interference for more than a decade with few safeguards or protections.

“The introduction of a new requirement for an independent…

Source…

Hackers Threaten To Leak 80GB of Confidential Data Stolen From Reddit

/in


Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand – and reverses its controversial API price hikes, TechCrunch reported.

According to TechCrunch, in a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February breach of the company’s systems.

Reddit spokesperson Gina Antonini declined to answer TechCrunch’s questions, but confirmed that BlackCat’s claims relate to a cyber incident confirmed by Reddit on February 9. At the time, Reddit CEO Christopher Slowe, or KeyserSosa, said that hackers had accessed employee information and internal documents during a “highly-targeted” phishing attack. Slowe added that the company had “no evidence” that personal user data, such as passwords and accounts, had been stolen.

Bleeping Computer reported that on February 9th, Reddit disclosed that its systems were hacked on February 5th after an employee fell victim to a phishing attack.

According to Bleeping Computer, the phishing attack allows the threat actors to gain access to Reddit’s systems and steal internal documents, source code, employee data, and limited data about the company’s advertisers.

As first spotted by Dominic Alvieri and shared with Bleeping Computer, the ALPHV ransomware operation, more commonly known as BlackCat, now claims to be behind the February 5th cyberattack on Reddit.

In a “Reddit Files” post on the gang’s data leak site, the threat actors claim to have stolen 80 GB of compressed data from the company during the attack and now plan on leaking the data.

The threat actors say they attempted to contact Reddit twice, on April 13th and June 16th, demanding $4.5 million for the data to be deleted but did not receive a response.

Bleeping Computer posted a screenshot of the information from ALPHV. Here are some:

“…I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data.

“But I am very happy to know that the public will be able to read…

Source…

Threat of Confidential Data Release in Dallas Ransomware Attack – NBC 5 Dallas-Fort Worth

/in


A threat was posted Friday on a website related to the Royal Ransomware Group threatening to release data the group claims to have accessed from the City of Dallas.

The ransomware attack on Dallas government was first revealed on May 3 and since then city officials have always said no data has leaked.

The new post mentions the city’s claim and responds saying tons of personal information, including court cases, medical information and thousands of government documents will be posted on blogs.

City officials have confirmed that key portions of Dallas government remain harmed by the attack which caused them to shut down many systems to avoid spreading damage.

Dallas Police Chief Eddie Garcia said this week that his access to crime data has been compromised for mapping strategy. He said a backlog of reports remains to be filed.

The Dallas County District Attorney released a statement saying some police evidence for court cases has not been available for pending trials.

The City of Dallas Municipal Court, where traffic and code citations are handled, remained closed.

Public computers were not available in Dallas libraries and returned books could not be properly checked in.

Cyber Threat Expert Sam Rubin, a Vice President with Palo Alto Networks Unit 42, who is not involved with the Dallas investigation, said threat actors do access data in more than 70% of attacks.

“They’re not only locking up files but they’re taking information as well. And it’s really all about upping that level of pressure so they can extract payment. It’s a form of extortion,” Rubin said.

Former Federal Prosecutor Matt Yarbrough who handles cybersecurity and data privacy cases with the law firm Michelman and Robinson said the threat posted Friday is a new level in the Dallas case.

“It’s a major escalation from the standpoint they’re going to release these critical systems not only about employees but active and ongoing criminal investigations and prosecutions. And the fact that it hurts or is hurting cases at trial right now is a major factor,” Yarbrough said.

The city of Dallas issued a statement Friday renewing the claim that no data has leaked.

“We continue to…

Source…

Oakland ransomware attackers leak ‘confidential’ data

/in


LATEST March 3, 5:30 p.m. Play Ransomware, the hacker group claiming responsibility for a ransomware attack on Oakland in February, has published confidential data, Emsisoft threat analyst Brett Callow confirmed to SFGATE, though the contents have yet to be confirmed by SFGATE. The group claims the leak contains 10 gigabytes of compressed data.

The city of Oakland declined to provide comment to SFGATE about the attack, instead referring back to its statement published earlier Friday.

March 3, noon Weeks after Oakland confirmed that it fell victim to ransomware, the alleged attackers have come out to claim the cyberattack — and detailed the extent of their purported conquest.

As first noted by Philadelphia cybersecurity analyst Dominic Alvieri, the hacker group Play Ransomware claims that it was responsible for the attack on Oakland, which rendered many city services inoperable for a stretch of time in February. 

The possible extent of the leak is troubling: According to a screenshot first obtained by cybersecurity news site and forum Bleeping Computer, the group obtained access to “private and personal confidential data, financial, gov and etc. IDs, passports, employee full info.” 

“The claim appears official and data should be leaked within about two hours I believe,” Alvieri told SFGATE in a Twitter message, adding that the estimate comes from prior “claim post timelines.” 

The city of Oakland appears aware of an impending leak, but did not identify the group or confirm the validity of its claims. 

“While the investigation into the scope of the incident impacting the City of Oakland remains ongoing, we recently became aware that an unauthorized third party has acquired certain files from our network and intends to release the information publicly,” the city said on its news page Friday. “We are working with third-party specialists and law enforcement on this issue and are actively monitoring the unauthorized third party’s claims to investigate their validity.”

It is unclear whether the city will negotiate with or pay the group. The city also did not…

Source…