Millions of personal files exposed by insurance biz, serial web hacker strikes again, and more from infosec land


Roundup It’s a bumper three-day weekend in the US and UK, so we won’t keep you long. Here’s a rapid summary of information security news from the past week beyond what El Reg has already covered.

Baltimore ransomware misery deepens: The US city of Baltimore’s government websites and online services remain offline, and its computer systems are still knackered, after ransomware scrambled its files two weeks ago. Officials’ voicemail and email boxes are down, along with a parking fines database, and a system used by residents to pay water bills, property taxes, and vehicle law citations.

In a further blow, Gmail accounts set up by the mayor, city council members, and mandarins to communicate during the malware-inflicted outage were frozen out by Google’s software, which informed them they had to buy business subscriptions to continue. This was triggered by the officials setting up the personal accounts from the same public IP address, it seems. In the end, they were given back the accounts by the online ad giant.

Read more…