Didn't anyone think to secure that conference call a bit more thoroughly? It seems the access details for the dial-in conference call were emailed to relevant officials by way of an e-invite - an invite that somehow got forwarded to a non-Government account which had been compromised, allowing Anonymous to not only see the invite but secretly participate in the call as a silent listener.
That knowledge of the dial-in number and, presumably a login and password circulated in the same invitation mail, was all that was required as authentication is, frankly, remarkable. Especially as that email was, as I understand it, sent to more than 40 law enforcement officers in the US and across Europe.
But it gets even worse when you realise that each participant was given the same login code, so that anyone reading the email would be able to join the call. I would have thought the people on the forefront of fighting the war against insecurity might consider unique codes for each participant.
I could understand it if the conference call was the kind that I get a zillion invites to and involve a marketing man in the US extolling the virtues of the latest mind-numbingly boring product. But no two-factor authentication, which would likely have stopped the hackers in their tracks, for a call between law enforcement agency officials? Really?
-
A threat to Google’s dominance? The AI browser wars have begun – here are the top contenders vying for the crownNews Perplexity has unveiled its Comet browser while OpenAI is reportedly planning to follow suit
-
Google Cloud Summit London 2025: Practical AI deploymentITPro Podcast As startups take hold of technologies such as AI agents, where is the sector headed?
-
Scania admits leak of data after extortion attemptNews Hacker stole 34,000 files from a third-party managed website, trucking company says
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Anonymous hijacks Russian broadcasts with footage of Ukraine warNews The hacking group said it managed to manipulate the broadcasts of three major Russian state-backed media organisations
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
