Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.
In case you missed our coverage this week in ThreatWatch, Nextgov’s
Hundreds of thousands of job seekers in at least 10 states may have had personal information stolen from a multistate system.
America’s JobLink announced the breach Wednesday, stating a hacker used misconfigured code to potentially access the names, Social Security number and birth dates of job seekers. The company noticed unusual activity March 12, but stopped access March 14.
Ten states’ systems could have been affected: Alabama, Arizona, Arkansas, Delaware, Idaho, Illinois, Kansas, Maine, Oklahoma and Vermont.
America’s JobLink didn’t disclose a number, but various states officials are:
- About 200,000 in Delaware may have been affected, according to The News Journal. The state has contracted with the company since 2007.
- The Oklahoman reports more than 430,000 people who signed up for OKJobMatch.com may have been impacted.
- The Vermont Labor Commissioner told WCAX about 182,000 Vermonters could have been affected.
That’s more than 812,000 people from three of the 10 states. Maine officials don’t have a total yet, but say more than 12,000 of its state residents used the job service since July, according to the Portland Press Herald.
The FBI and cybersecurity firm RSA are investigating.
When customers of the U.K. cellphone company Three logged on to view their bills, some were greeted with someone else’s account information.
The company confirmed a technical issue it was still investigating, according to a Guardian report. Affected customers who logged in over the weekend saw someone else’s name, address and call history, though the company said no financial details were disclosed.
Three has about 9 million customers in Britain.
In November, the company dealt with a data breach of almost 134,000 customers’ information in a scheme to steal high-end phones. The National Crime Agency arrested three men as part of the investigation.
The Cisco security team issued a critical advisory after combing through WikiLeaks' dump of alleged CIA hacking tools.
The Friday alert disclosed a vulnerability in the cluster management protocol in Cisco IOS and Cisco IOS XE software that could allow a remote attacker to control devices. The flaw may affect 300 switches.
Cisco said there are no workarounds for the issue, but the company recommends disabling the Telnet protocol for incoming connections and using the Secure Shell protocol.
WikiLeaks boasted its Vault 7 documents include “dozens of zero days” though it did not publish the code, so the claims are hard to verify. The website also said it would share the zero days with affected tech companies, but Motherboard reported WikiLeaks is waiting until certain, undisclosed demands are met.