Articles about data breach

Doctor Nick Riviera

Oh, baby! Newborn-care website leaves database of medics wide open

A US healthcare company seemingly exposed on the public internet contact information for roughly 10,000 medical professionals. IT pro Brian Wethern said he warned Health Stream nine days ago that one of its now-removed websites had left a database of users out in the open, allowing anyone to slurp the first and last names of …
Shaun Nichols, 20 Apr 2018
letters stuffed in a mailbox. Photo by SHutterstock

Eight months after Equifax megahack, some Brits are only just being notified

Some of the 15 million Britons affected by the Equifax mega-hack are only now receiving letters notifying them that they were affected by the breach, eight months after the event. As we reported in September 2017, Equifax confessed to having been hacked, upping the number of affected people in the following weeks to a 145 …
Gareth Corfield, 19 Apr 2018

Millions of scraped public social net profiles left in open AWS S3 box

US social network data aggregator LocalBlox has been caught leaving its AWS bucket of 48 million records – harvested in part from public Facebook, LinkedIn and Twitter profiles – available to be viewed by anyone who stopped by. Security biz Upguard wandered by on February 18, and found the publicly accessible files in a …
Thomas Claburn, 19 Apr 2018

Hop to it, bunnies: TaskRabbit breach means new passwords

IKEA's TaskRabbit app and Website, which links buyers with people skilled with Allen key experts and other errand-runners, remain offline a day after the company announced a data breach. Ominously, the operation's announcement (currently in place of its home page) advises users that if they re-use their username or password on …
Doctors in a busy hospital

UK health service boss in the guts of WannaCry outbreak warns of more nasty code infections

The UK's National Health Service has learned from last year's WannaCry attack – and started putting in place disaster recovery measures that will allow it to maintain services in the face of an even fiercer assault. The worldwide spread of WannaCry last May hit hospital networks particularly hard and left doctors and nurses …
John Leyden, 13 Apr 2018
Woman accidentally kicks over bucket of popcorn in cinema

From Bangkok to Phuket, they cry out: Oh, Bucket! Thai mobile operator spills 46k people's data

TrueMove H, the biggest 4G mobile operator in Thailand, has suffered a data breach. Personal data collected by the operator leaked into an Amazon Web Services S3 cloud storage bucket. The leaked data, which includes images of identity documents was accessible to world+dog before the mobile operator finally acted to restrict …
John Leyden, 13 Apr 2018
Someone in an Uber ride

Uber hid database hack from FTC while FTC probed Uber for an earlier database hack

Uber hid a database hack from America's Federal Trade Commission (FTC) while the very same watchdog was investigating Uber for a separate database hack, it was revealed on Thursday. The taxi app maker reached a settlement with the FTC in August 2017 after the biz allegedly "deceived consumers about its privacy and data …
Kieren McCarthy, 12 Apr 2018
Man exasperated after being on hold for a long period of time. Photo by Shutterstock

Where's my free monitoring service, One Plus? – hacked-off customers

“We have been working with partners across the world and activated credit monitoring across a number of countries. We’re working to ensure it’s available to as many people as possible, and have been assured that the last customers will receive their credit monitoring in the coming days.” OnePlus customers are still waiting for …
Andrew Orlowski, 12 Apr 2018
great westren railway ticket + train

Great Western Railway warns of great Western password reuse: Brits told to reset logins

Great Western Rail is urging all customers to change their GWR.com passwords after miscreants gained access to strangers' accounts over the last week. The British train company said circa 1,000 accounts were directly affected out of more than a million, and has written to those customers and the UK Information Commissioner's …
Kat Hall, 11 Apr 2018

Company insiders behind 1 in 4 data breaches – study

The admins among you will be unsurprised to discover that, more than a quarter of the time, data breaches across the world originated between the chair and the keyboard of organisation "insiders". And no, we don't mean they clicked on a dodgy link... The latest edition of Verizon's Data Breach Investigations Report (DBIR) …
John Leyden, 10 Apr 2018
Person cutting up their payment card

Cinema voucher-pusher tells customers: Cancel your credit cards, we've been 'attacked'

Updated Worker perks-flinger Sodexo has told a number of customers to cancel their credit cards following "a targeted attack" on its cinema vouchers platform, Filmology. The scheme, which provides UK employee rewards via discounted cinema tickets, has also taken its site down "for the foreseeable future" in order "to eliminate any …
Kat Hall, 9 Apr 2018
Miniature SWAT team guarding laptop keyboard

There's security – then there's barbed wire-laced pains in the arse

If IT has a reputation as the gatekeeper, the security department is the one providing the locks and barbed wire. End users think IT security is a hassle: complex passwords, password expiry and multi-factor authentication are tolerated when they are made mandatory, but nobody is thrilled about it. But look at it from the …
Sonia Cuff, 9 Apr 2018
Military drone in use

Is it a bird? Is it a plane? No, it's a terrible leak of drone buyers' data

Exclusive A popular drone dealership website left its entire transaction database exposed online with no encryption at all, revealing a host of purchases by thousands of police, military, government and private customers. The DronesForLess.co.uk site was left wide open by its operators, who failed to protect critical parts of its web …
Delta flight over a beach

Bot-ched security: Chat system hacked to slurp hundreds of thousands of Delta Air Lines, Sears customers' bank cards

Hackers are feared to have swiped sensitive personal information held by two of the best known companies in the US – after malware infected a customer support software maker. Both Sears and Delta Air Lines said Wednesday that hundreds of thousands of customers' payment card numbers, expiration dates, and CVV security codes, …
Shaun Nichols, 5 Apr 2018

1.5 BEEELLION sensitive files found exposed online dwarf Panama Papers leak

Security researchers have uncovered 1.5 billion business and consumer files exposed online – just a month before Europe's General Data Protection Regulation comes into force. During the first three months of 2018, threat intel firm Digital Shadows detected 1,550,447,111 publicly available files across open Amazon Simple …
John Leyden, 5 Apr 2018
hacker

Gosh, these 'hacker' nerds are only getting more sophisticated

Hackers have moved away from simple point-of-sale (POS) terminal attacks to more refined assaults on corporations' head offices. An annual report from security firm Trustwave out today highlighted increased sophistication of web app hacking and social engineering tactics on the part of miscreants. Half of the incidents …
John Leyden, 5 Apr 2018
radar

US spanks EU businesses in race to detect p0wned servers

European organisations are taking longer to detect breaches than their counterparts in North America, according to a study by FireEye. Organisations in EMEA are taking almost six months (175 days) to detect an intruder in their networks, which is rather more than the 102 days that the firm found when asking the same questions …
John Leyden, 5 Apr 2018
toast

Do(ug)h! Half-baked security at Panera Bread spills customer data

The website for restaurant chain Panera Bread has made the personal information for customers' online accounts available for takeout since August last year, according to security researcher Dylan Houlihan. The all-your-can-eat menu on its website offered online account holders' full names, home addresses, email addresses, …

Create a news alert about data breach, or find more stories about data breach.

Biting the hand that feeds IT © 1998–2018