Articles about data breach

bucket

Good news: unsecured S3 bucket discovery just got easier

If you thought the business of discovering unsecured Amazon Web Services S3 buckets was for the pros, think again: like all things, the process can be automated, and the code to automate it posted to GitHub. It's not a new discipline – quickly Googling GitHub for S3 bucket enumeration turns up more than 1,000 results, but the …
Data breach

PayPal paid $US233m for company that leaked 1.6 million records

PayPal has “identified a potential compromise of personally identifiable information for approximately 1.6 million customers.” The good news ist that PayPal is not to blame for the likely leak. Fault can instead be ascribed to TIO Networks, a Canadian payments outfit that PayPal paid US$233m to acquire in February 2017. That …
Data breach

Firefox to warn users who visit p0wned sites

Mozilla developer Nihanth Subramanya has revealed the organisation's Firefox browser will soon warn users if they visit sites that have experienced data breaches that led to user credential leaks. A recently-released GitHub repo titled “Breach Alerts Prototype” revealed “a vehicle for prototyping basic UI and interaction flow …
Simon Sharwood, 24 Nov 2017

Uber: Hackers stole 57m passengers, drivers' info. We also bribed the thieves $100k to STFU

Uber's CEO Dara Khosrowshahi today revealed hackers broke into the ride-hailing app's databases and stole personal information on 57 million passengers and drivers – information including names, email addresses, and phone numbers. And the cyber-thieves made off with 600,000 US driver records that included their license numbers …
LLOYDS BANK BUILDING opposite royal courts of justice

Lloyds' Avios Reward credit cardholders report fraudulent activity

Thousands of Lloyds Avios Rewards American Express credit card customers have been targeted by fraudsters, the bank has admitted. Reports first emerged on air miles site Head for Points, where readers asked if the credit card had suffered a major data breach. One said: "About a week ago my wife's Lloyds Avios Amex card was …
Kat Hall, 17 Nov 2017

Pawnbroker pwnd: Cash Converters says hacker slurped customer data

Pawnbroking and secondhand goods outlet Cash Converters has suffered a data breach. Customers were notified of the leak on Thursday by email, samples of which have been posted on social media. Cash Converters said it had discovered that a third party gained unauthorised access to customer data within the company's UK webshop …
John Leyden, 16 Nov 2017
Stock market image via Shutterstock

Equifax Q3 results: Not as bad as you might have hoped – hack only cost biz about $87m

Equifax's latest financials lay bare the costly fallout from the embarrassing security breach that exposed 143 million customers' privates in the US and 15.2 million records in the UK. Calendar Q3 numbers for the three months ended 30 September - the latter being the same month the company 'fessed up to the mega leak - include …
Richard Priday, 10 Nov 2017
email

Uni staffer's health info blabbed in email list snafu

The University of East Anglia has been involved in a personal data breach for the second time in five months. Around 300 postgraduate students in the received an email on Sunday 5 November which contained "personal information about the health of a member of staff", due to the accidental use of an email distribution list. UEA …
Tax haven

Paradise Papers were not an inside job, says leaky offshore law firm

Revelations from the Paradise Papers, a leaked set of more than 13 million financial documents, have shed light on how the rich and famous channel funds through offshore tax havens. Among early stories spawned from the leak and published over the weekend are allegations that Russia funded Facebook and Twitter investments …
John Leyden, 6 Nov 2017

Virtually everyone in Malaysia pwned in telco, govt data hack spree

The personal data of millions of Malaysians has been swiped by hackers who raided government servers and databases at a dozen telcos in the southeast Asia nation. Information on 46.2 million cellphone accounts was slurped from Malaysians telecoms providers. To put that in context, the population of Malaysia is 31.2 million; …
John Leyden, 1 Nov 2017
Tax haven

Panic of Panama Papers-style revelations follows Bermuda law firm hack

A major offshore law firm admitted it had been hacked on Tuesday, prompting fears of a Panama Papers-style exposé into the tax affairs of the super rich. Jersey-based Appleby only admitted it had suffered the breach – which actually happened last year – after a group of journos from the International Consortium of …
John Leyden, 25 Oct 2017

Customers cheesed off after card details nicked in Pizza Hut data breach

Miscreants have made off with payment card details of "a small number of clients" following a data breach at Pizza Hut. In an email to affected customers seen by Bleeping Computer, the fast-food chain wrote: "Pizza Hut has recently identified a temporary security intrusion that occurred on our website. "We have learned that …
Kat Hall, 16 Oct 2017
Don't be an idiot

Oz military megahack: When crappy defence contractor cybersecurity 'isn't uncommon', surely alarm bells ring?

While Australia's federal government scrambles to hose down a hacking incident, it's important to ask why a defence contractor of any size could run a network so insecure it exposed default administrative interfaces to the Internet. An Australian Signals Directorate (ASD) presentation to the Australian Information Security …

Rattled toymaker VTech's data breach case exiting legal pram

VTech, the toy company pierced by attackers in late 2015, is hoping an Illinois court will toss out the resulting class action against it. The company's woes began on 27 November 2015, when it belatedly owned up to a breach. At the time, Troy Hunt believed the breach contained details of 4.8 million customers, and journalist …

It's 4PM on Friday, almost time to log off and, oh look, Disqus says it's been hacked

Disqus, the developer of website comment systems used worldwide, is playing the old "bury bad news late on a Friday" card – as it just confessed one of its databases was swiped by hackers. The software maker, which produces reader comment boards for blogs and newspapers everywhere, admitted at 4pm Pacific Time, Friday, that a …
Shaun Nichols, 6 Oct 2017

More data lost or stolen in first half of 2017 than the whole of last year

More data records were leaked or stolen by miscreants during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto's Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are exposed or swiped every day. During the first half of 2017 there …
John Leyden, 20 Sep 2017
Man sits on sand with laptop

44m UK consumers on Equifax's books. How many pwned? Blighty eagerly awaits spex on the breach

The impact of the Equifax data leak in the UK remains unclear days after the breach was first made public, amid reports estimating that the personal details of up to 44 million Brit could have been exposed. The credit reference agency and its UK subsidiaries provide services for UK companies including BT, Capital One and …
John Leyden, 11 Sep 2017
Image by Walther S http://www.shutterstock.com/gallery-955900p1.html

Bazinga! Social network Taringa 'fesses up to data breach

Latin American social networking site Taringa has suffered a database breach that has resulted in the spill of more than 28 million records. Usernames, hashed passwords (using the weak MD5 algorithm) and personal email addresses have been exposed by the breach. Argentinia-based Taringa’s breach statement (in Spanish) can be …
John Leyden, 5 Sep 2017

Create a news alert about data breach, or find more stories about data breach.

Biting the hand that feeds IT © 1998–2017