Over 50% of Twitter Staff are Sacked by Elon Musk

Elon Musk, the new owner of Twitter, defended the decision on Saturday, claiming that there was "no choice" because the firm was losing millions of dollars daily. This comes amid a wave of widespread layoffs at Twitter around the world, including in India, and the outrage that followed.

Elon Musk made the decision to fire over 50% of the Twitter workers. After access to the company's headquarters and internal systems was restricted overnight, employees were notified by email of their employment status.

To announce their departure, employees are tweeting using the hashtag #LoveWhereYouWorked and a saluting emoji. Elon justified the choice by claiming that the business was losing $4 million daily. Three months' worth of severance pay was provided to everyone who lost their jobs.

In contrast to a profit of $66 million during the same period last year, the corporation reported a net loss of $270 million for the second quarter that concluded on June 30, 2022. There are rumors that up to half of Twitter's 8,000 jobs could be eliminated. The website has trouble turning a profit. Making a dent in the salary cost is one method to solve the issue.

Simon Balmain, a senior community manager for Twitter in the UK, said that he had been signed out of both his work laptop and the Slack chat app, leading him to fear that he had been fired.

After Twitter had already terminated some employees, several Twitter employees filed a class action complaint on Thursday night, according to CNN, alleging that Twitter violated the federal and California Worker Adjustment and Retraining Notification Act (WARN Act).

According to the WARN Act, if a mass layoff "affects 50 or more employees at a single site of employment," the employer has to give 60 days' written notice in advance. Additionally, Twitter has let go of the majority of its over 200 Indian staff. According to sources, the engineering, sales and marketing, and communications teams will all be affected.

Following Elon Musk's takeover of the social media company, Twitter founder Jack Dorsey finally spoke out about the widespread layoffs. He stated, "I realize many are angry with me. I own the responsibility for why everyone is in this situation: I grew the company size too quickly. I apologise for that."

The cost-cutting comes in response to criticism of Twitter's efforts to collect money by putting up a proposal to charge $8 (£7) per month for a blue check-mark that says, "Verified." Those that pay could receive more promotion for their tweets and see fewer advertisements in addition to the verification badge.

Twitter has not turned a profit for several years, and its monthly user base of around 300 million people has remained broadly stable. Experts cautioned that Twitter's ability to battle misinformation may be impacted by the dismissal of half of its workers, particularly with the US midterm elections set for next week.

Australian Security Firm G4S Hacked, Staff on Alert

Ransomware Attack, G4S Breached

Current and former employees of security firm G4S have been warned to be cautious following a ransomware attack in which personal information was stolen and posted online. The leaked information includes tax file numbers, medical checks, and bank account information.

The attack comes after the massive Optus data leak incident in Australia and joins two more data breaches. It comes amid government plans to reform cybersecurity and pursue higher penalties under the Privacy Act.

G4S offers services to Australian prisons

G4S offers services to prisons throughout Australia; it earlier offered services to the federal government's offshore detention centers on Manus Island.

It informed its former and current customers earlier this week that it had suffered a cyber incident that gave an unauthorized third party, and malware programs, access to G4S systems.

Guardian Australia believes the incident to be a ransomware attack targeting Port Phillip prison. The media reported on this incident in early July.

"Guardian Australia was also alerted on Tuesday to another Optus-style data breach involving an employment agency. The breach was the result of a similar open application programming interface (API) to that believed to have been breached in the Optus attack. Personal documents such as photos of passport pages and Covid-19 vaccination certificates were accessible via the vulnerability."

What can the victims do?

In mid-September, G4S learned that some data had been leaked online. However, it only informed the affected customers about the extent of the attack and the compromised documents in an e-mail earlier this week.

The stolen data includes employee names, dates of birth, addresses, medical and police records, contact info, bank account details, tax file numbers, license details, and Medicare numbers.

In some cases, health information provided to the company, payslips, Workcover claims information, and incident reports have also been leaked.

Though the incident happened at Port Phillip prison, the cyber criminal got access to the company's entire network throughout Australia.

Casualties not confirmed

The number of staff impacted by the breach is not yet known. G4S did not answer questions about the victims, saying instead that the company is working with affected individuals to provide them full assistance.

G4S advised the victims to change their identity documents but didn't provide compensation for replacements or give credit monitoring. 

The Guardian reports:

"Separately, photos of identity documents – including driver licenses – of hundreds of thousands of the company’s clients were publicly available via Google image search results because users had uploaded their licences as their profile photo. The company has since acted to prevent users from uploading sensitive documents to profiles."

Attackers Compromise Employee Data at PVC-Maker Eurocell

According to a law firm, a leading British PVC manufacturer has been contacting current and former employees to notify them of a "substantial" data breach. 

Derbyshire-based Eurocell, which also operates as a distributor of UPVC windows, doors, and roofing products, disclosed the news in a letter to those affected, according to data protection law specialist Hayes Connor. The firm apparently explained in it that an unauthorised third party gained access to its systems.

The compromised data included employment terms and conditions, dates of birth, next of kin, bank account, NI and tax reference numbers, right-to-work documents, health and wellbeing documents, learning and development records, and disciplinary and grievance docs. That's a lot of information for potential fraudsters to use in subsequent phishing or even extortion.

Eurocell has reportedly stated that there is no proof of data misuse, but this will provide little comfort to those affected. It is also unknown how many employees would be affected.

“The company has over 2,000 current employees, but it is possible that many more former employees could also be at risk given the type of information that has been exposed,” warned Hayes Connor legal representative, Christine Sabino.

“Every employer has various obligations when it comes to data security, which means they have a duty to keep sensitive information secure. This type of incident warrants a significant investigation. Our team has started to make our own enquiries into the case and are determined to ensure our clients get the justice they deserve.”

Hayes Connor made headlines earlier this year when it announced that over 100 current and former employees of a leading luxury car dealership would sue the firm following a data breach. On that occasion, they were dissatisfied with LSH Auto's lack of transparency regarding the incident.

HackerOne Employee Stole Data From Bug Bounty Reports for Financial Advantages


HackerOne has revealed information on a former employee who it alleges accessed company data for personal financial benefit. The unknown individual received information from bug bounty platform security reports and attempted to reveal the same vulnerabilities outside of the site. 

According to HackerOne, he had access to the data between April 4 and June 23, 2022. On June 22, 2022, HackerOne was notified of the problem by a suspicious client who had received similar bug reports from the platform and the person. 

“This is a clear violation of our values, our culture, our policies, and our employment contracts,” the platform stated. 

“In under 24 hours, we worked quickly to contain the incident by identifying the then-employee and cutting off access to data. We have since terminated the employee, and further bolstered our defences to avoid similar situations in the future.” 

According to HackerOne, the submitter of this off-platform disclosure "reportedly used intimidating language in conversation with our customer," and the actor's intent was to collect more bounties. HackerOne also stated that, after consulting with lawyers, it will determine if a criminal referral of this situation is necessary. 

A HackerOne spokesperson informed The Daily Swig: “Since the founding of HackerOne, we have honoured our steadfast commitment to disclosing security incidents because we believe that sharing security information is essential to building a safer internet. 

“At HackerOne, we value the trusted relationships with our customers and the hacking community. It’s important for us to continue to demonstrate transparency as a core tenet of Corporate Security Responsibility and therefore shared this Incident Report.”

The spokesperson added: “Our Code of Conduct sets the foundation for building trust. We will continue to prioritize coordinated disclosure and to act fast to ensure we uphold these strong standards.”

McMenamins Struck by Ransomware Attack, Employee Data at Risk


McMenamins, a Portland hotel and brewpub chain, was struck by a ransomware attack on Wednesday that may have stolen employees' personal information, but no customer payment information seems to have been compromised. 

The ransomware attack was discovered and stopped on December 12, according to McMenamins. The company stated it alerted the FBI and contacted a cybersecurity firm to figure out where the attack came from and how extensive it was. 

Employee data such as names, residences, dates of birth, Social Security numbers, direct deposit bank account information, and benefits records may have been acquired, according to the firm in a news release, but "it is not currently known whether that is the case." 

"To provide employees with peace of mind, McMenamins will be offering employees identity and credit protection services, as well as a dedicated helpline through Experian," the company stated. "A payment processing service manages the collection of such information. Further, this information is not stored on company computer systems impacted by the attack."  

Many operational systems have been taken offline, including credit card scanners, necessitating temporary alterations in payment procedures at some McMenamins sites. There is "no indication" that consumer payment data has been hacked, according to the firm. 

Co-owner Brian McMenamin stated, “What makes this breach especially disheartening is that it further adds to the strain and hardship our employees have been through in the past two years.”

“We ask that our customers give our employees extra grace as we make temporary adjustments in the way we process transactions and reservations, given the impacts to our systems by this breach.” 

The company stated that it is unclear when the problem would be rectified and systems restored. There are a few things firms can do to help mitigate these attacks, according to Kerry Tomlinson, a cyber news reporter with Ampere News.

"As a business, you need to have backups," Tomlinson said. "If ransomware hits and they're demanding ransom for you to get your files back, you can say thanks a lot but I already have backups." 

"It will happen more and more and it's only going to get bigger. If you're not paying attention now, you need to pay attention." 

Employees should be especially cautious to help prevent cyber assaults, according to Tomlinson, by avoiding questionable emails, setting unique passwords for each website visited, and adding a multi-factor authentication process to offer an extra layer of security. It is worth noting that despite the breach, all McMenamins locations are open.

Personal Details of SA Gov Employees Compromised in Frontier Software Ransomware Attack


The South Australian government has revealed that the private details belonging to tens of thousands of its employees were exfiltrated following a cyber attack that hit the systems of external payroll provider Frontier Software.

According to South Australia Treasurer Rob Lucas, the payroll provider has informed the government that some of the data have been leaked on the dark web, with at least 38,000 employees and up to 80,000 government employees possibly having their data accessed. 

The stolen data contained taxation IDs of 38,000 Australian government employees, information on names, date of birth, home address, bank account details, employment start date, payroll period, remuneration, and other payroll-related details.

The government was particularly concerned regarding staff’s private data being stolen, as well as the potential for identity fraud, but there was no evidence that the information had been used by the hackers, Lucas added.

The breached firm Frontier Software suffered from a ransomware attack on November 13, 2021. The assault didn't pivot to client systems through their products and the data exfiltration only affected a specific segmented environment, the payroll provider stated. 

"To date, our investigations show no evidence of any customer data being exfiltrated or stolen. Whilst the incident resulted in some of Frontier Software's Australian corporate systems being encrypted, Australian customer HR & Payroll data and systems are segmented from the corporate systems and were not compromised," it said on November 17.

The impacted staff has been advised to treat incoming emails, calls, and SMS with caution. Additionally, everyone is advised to reset their passwords and activate two-factor authentication where possible. 

Government employees should closely monitor bank statements and account activity and report any suspicious transactions to the authorities. Exposed people can take advantage of a free IDCARE cyber-security support service offering, following the instructions laid out on the incident announcement on the SA government website.

According to Nev Kitchin, general secretary of the South Australian Public Service Association, the situation was "obviously very concerning". "We expect the state government to take all possible steps to review its cyber security measures in order to prevent such an event in the future. In the meantime, we expect the government to do everything possible to minimize the effects of this security breach and to provide the support our members need," he said.