- The U.S. Department of Health & Human Services fined the Hospice of North Dakota $50,000 for a data breach affecting fewer than 500 people due to a theft of a laptop containing patient data, the first time such a settlement had been reached in so small a data breach.
- In the United Kingdom, two former members of the Anonymous hacktivist collective were sentenced to jail for their roles in a series of denial-of-service attacks launched against financial and music-industry organizations. Christopher Weatherhead, 22, and Ashley Rhodes, 28, received prison sentences of 18 and 7 months respectively for conspiracy to impair the operation of computers.
- Server problems interrupted the New York Stock Exchange's delivery of trading data for two day, Jan. 28 and 29. The outages impacted the NYSE's ability to send stock trade and quote data on hundreds of traded securities.
- After security company Rapid7 detailed a major flaw in the UPnP standard that left tens of millions of network-enabled devices from manufacturers such as Cisco-owned Linksys, Netgear, Belkin and D-Link open to attack, US-CERT, part of the Department of Homeland Security, advised consumers and businesses to disable UPnP. The protocol is used to permit many consumer electronics to discover each other on the network for data sharing, communications and media streaming.
- Hackers from China breached the network of the New York Times and stole passwords that allowed them to gain access to computers and e-mail accounts of 53 employees for about four months, the New York Times itself reported on Jan. 30. The Times, assisted by security firm Mandiant in the computer-breach investigation, believes the attacks were carried out mainly to target journalists reporting on subjects sensitive to the Chinese government. The Wall St. Journal and the Washington Post subsequently disclosed similar Chinese attacks on their networks had occurred for a number of years as well.
- Twitter said in a blog post that hackers hit Twitter and may have gained access to passwords and other information on as many as 250,000 user accounts. Twitter said the passwords were encrypted and it had already reset them as a "precautionary measure." Twitter simply said, "This attack was not the work of amateurs, and we do not believe it was an isolated incident," implying other organizations were likely also attacked.
- A program to jailbreak Apple devices running iOS6 or higher was released Feb. 4, sparking over 100,000 downloads in the first 10 minutes of its availability. The program, said to have been devices by the iOS hackers known as the Evaders, continued the tradition of jailbreaking the security on Apple mobile devices in order to run apps not authorized by Apple.
Sign up for CIO Asia eNewsletters.