Articles about data breach

Hacker

Blood test biz LabCorp pulls plug on systems over hacker fears

Medical biz LabCorp shut down some of its systems last week after it detected "suspicious activity" on its network. A company spokesperson told The Register that, contrary to early claims the "entire network" was shut down and "millions" of records swiped, only its Diagnostics service was affected – the Covance pharmaceutical …
Shaun Nichols, 17 Jul 2018

Capita strikes again: Bug in UK-wide school info management system risks huge data breach

Updated Capita has admitted a bug in an information management system used by 21,000 UK schools could have incorrectly linked contact details to the wrong pupils – an incident with huge implications for pupils' data protection. The error, which has been pinned on a December 2017 upgrade to the Schools Information Management System, …
Rebecca Hill, 17 Jul 2018
ticketmaster

Ticketmaster breach 'part of massive bank card slurping campaign'

The Ticketmaster breach was not a one-off, but part of a massive digital credit card-siphoning campaign. Threat intel firm RiskIQ reckons the hacking group Magecart hit Ticketmaster as part of a massive credit card card hacking campaign affecting more than 800 ecommerce sites. Magecart has evolved tactically from hacking …
John Leyden, 12 Jul 2018
Full confession

Timehop admits to more data leakage, details GDPR danger

Nostalgia aggregator Timehop has revised its advice about the data breach it reported earlier this week. The news is bad in two dimensions, the first of which is that the company has found more data was accessed. Updates to its oops! post has now added “dates of birth, gender [and] country codes” to the list of lost …
Simon Sharwood, 12 Jul 2018

UK privacy watchdog to fine Facebook 18 mins of profit (£500,000) for Cambridge Analytica

Facebook faces a £500,000 ($665,000) fine from the UK’s data protection watchdog, the ICO, for failing to protect netizens' info nor tell them how their data would be harvested by apps. The looming penalty relates to the social media giant's role in the Cambridge Analytica data-harvesting scandal – in which the personal …
Rebecca Hill, 11 Jul 2018
airplane

Thomas Cook website spills personal info – and it's fine with that

Holidaymakers who used Thomas Cook Airlines had their personal information spilled onto the internet no thanks to basic coding cockups. Norwegian programmer Roy Solberg came across an enumeration bug that leaked the full name of all travelers on a booking, the email addresses used, and flight details from Thomas Cook Airlines …
John Leyden, 10 Jul 2018

Insurers hurl sueball at Trustwave over 2008 Heartland megabreach

Security services firm Trustwave has been sued by insurers in America over the 2008 hacking of US payment processing biz Heartland. Lexington Insurance Company and Beazley Insurance Company allege Trustwave was "negligent" in failing to detect a SQLi attack, suspicious network activity, and malware associated with Heartland's …
John Leyden, 10 Jul 2018
Data breach

Nostalgic social network 'Timehop' loses data from 21 million users

A service named “Timehop” that claims it is “reinventing reminiscing” – in part by linking posts from other social networks – probably wishes it could go back in time and reinvent its own security, because it has just confessed to losing data describing 21 million members and can’t guarantee that the perps didn’t slurp private …
Woman in hospital (in hospital gown) covers face with hands

'Coding' cockup blamed for NHS cough-up of confidential info against patients' wishes

Confidential information on 150,000 NHS patients has been distributed against their wishes for years due to a "coding error" by healthcare software supplier TPP. NHS Digital, the body that oversees the healthcare service's use of data, fessed up to the bungle – which saw data on the affected patients used in ways they had …
Rebecca Hill, 3 Jul 2018
Face Palm D'oh from Shutterstock

Surveys-as-a-service outfit Typeform spilled a backup from May

Spanish Web form and survey company Typeform has announced a data breach in June, affecting data dated May, after someone gained access to one of the company's backup files. The company said the intruder accessed files “from a partial backup dated May 3rd, 2018”, and said it will contact all affected customers. “We identified …

Adidas US breach may have exposed millions of customers' personal info

Adidas warned late on Thursday that hackers may have lifted customer data from its US website. The sportswear maker said personal data, including contact information (addresses and email addresses), and encrypted passwords may have fallen into the hands of criminals, but was able to reassure customers that neither financial …
John Leyden, 29 Jun 2018
Musician Lotte on stage in Germany

Startup bank Monzo: We warned Ticketmaster months ago of site fraud

Online bank Monzo said it warned Ticketmaster that something weird was going on in early April, two months before the ticket-slinging giant revealed its payment pages had been hacked. Monzo detected an abnormal number of customers who had both bought tickets from Ticketmaster since December and had fraudulent activity on their …
John Leyden, 28 Jun 2018
Flightradar 24

Please tighten your passwords and assume the brace position, says plane-tracking site

Aviation professionals enthusiasts have been told to change their passwords after flight-tracking site flightradar24 warned of a data breach. The site offers real-time visualizations of commercial flights in transit with a freemium model. Subscribers get access to more historical data or to a package of services aimed at …
Simon Sharwood, 21 Jun 2018
fraud

Fraudster admits she was OPM dealer: Leaked US govt staff files used to bag cash, car loans

A woman has fessed up to using people's personal information, leaked online from the US government's Office of Personnel Management mega-hack, to take out loans and open bank accounts. Karvia Cross, 39, of Bowie, Maryland, USA, pleaded guilty on Monday in the eastern district of Virginia to one count of identity theft and …
Shaun Nichols, 19 Jun 2018
A hose leaking water

Asylum seeker spreadsheet data blurt: UK Home Office loses appeal to limit claimants

The British Home Office's bid to reduce the number of potential claimants from a 2013 data breach that exposed the personal details of thousands of asylum seekers has been knocked back by the Court of Appeal. Rather than simply publishing overall statistics on the family returns process – the system by which children who have …
Rebecca Hill, 18 Jun 2018

What got breached this week? Ticket portals, DNA sites, and Atlanta's police cameras

Roundup This week brought new charges for Marcus Hutchins, a novel way to sneak malware into archives, and shady hotspots for World Cup fans. There was also plenty of other security bits that didn't quite make the headlines. Here are some of the best. Apple wants to be cert-ain on certs Apple is going to make it harder for sites to …
Shaun Nichols, 9 Jun 2018
Saint_Paul_writing_his_epistles

ICO smites Bible Society, well fines it £100k...

The Information Commissioner's Office has not so much rained fire and brimstone down the British and Foreign Bible Society as drizzled it with a £100,000 fine - after the personal data of 417,000 supporters was put at risk due to a cyber attack. As a result of a ransomware attack in 2016, intruders were able to exploit a …
Kat Hall, 8 Jun 2018
Data breach

SaaSy HR outfit PageUp reports ‘unauthorised activity’ and data breach

SaaS HR platform PageUp has revealed “unusual activity on its IT infrastructure” and “revealed that we have some indicators that client data may have been compromised”. There’s bad news, semi-ok news, and bad news here: the bad is that the company isn’t sure what data was accessed, but thinks it was limited to “name and …

Create a news alert about data breach, or find more stories about data breach.

Biting the hand that feeds IT © 1998–2018