WE'VE HAD some shocking data breaches in 2018, affecting millions of innocent people, but none so shocking, so brazen as this one.
It's the moment we've all feared, people: the Girl Scouts got pwned.
A report in Threat Post reveals that the personal details of as many as 2,800 Girl Scouts and their families in the Orange County were at risk from a hacked email account that had been hijacked and used to send fake emails.
Well, technically they were real emails, but we digest.
Girl Scouts of Orange County (GSOC) hasn't indicated exactly what sort of data has been taken as it does appear that this is an email account, not a database, but the email address has been used to coordinate travel arrangements, presumably to the Big Girl Scout Jamboree, or the sweatshop where they bake the cookies, so there is a risk.
Anything from passport details, national insurance numbers, medical details and even phobias (come on - you've watched cartoons) could be in that email account.
Christina Salcido, vice president of mission operations for GSOCm points out that this type of information could be used for a social engineering attack later, and as such: "Out of an abundance of caution, we are notifying everyone whose information was in this email account," in an email sent out to those potentially affected.
Threat Post points out that there is evidence to suggest that children's details are preferable to scammers as the lack of credit history makes it harder for the fakery to come to light.
More than a million children were involved in identity theft totalling $540m last year in the US.
A new secure portal for submitting confidential details is in the works, and all information held on the email server, which was only compromised for a day, has been removed.
Let this be a reminder to all of us that if the millions of people caught in a heist is too big to comprehend, it happens in microscopic ways every day too, and we all need to beware.
Apropos of nothing, the Girl Scouts of America has recently launched a series of badges for Scouts who show aptitude in matters of cybersecurity.
Because sometimes, life is just that ironic. μ
Trill seekers welcome
Give Glass a pass if you're not an enterprise type
Epyc performance potential, but Rome wan't build in a day