Articles about data breach

Customers cheesed off after card details nicked in Pizza Hut data breach

Miscreants have made off with payment card details of "a small number of clients" following a data breach at Pizza Hut. In an email to affected customers seen by Bleeping Computer, the fast-food chain wrote: "Pizza Hut has recently identified a temporary security intrusion that occurred on our website. "We have learned that …
Kat Hall, 16 Oct 2017
Don't be an idiot

Oz military megahack: When crappy defence contractor cybersecurity 'isn't uncommon', surely alarm bells ring?

While Australia's federal government scrambles to hose down a hacking incident, it's important to ask why a defence contractor of any size could run a network so insecure it exposed default administrative interfaces to the Internet. An Australian Signals Directorate (ASD) presentation to the Australian Information Security …

Rattled toymaker VTech's data breach case exiting legal pram

VTech, the toy company pierced by attackers in late 2015, is hoping an Illinois court will toss out the resulting class action against it. The company's woes began on 27 November 2015, when it belatedly owned up to a breach. At the time, Troy Hunt believed the breach contained details of 4.8 million customers, and journalist …

It's 4PM on Friday, almost time to log off and, oh look, Disqus says it's been hacked

Disqus, the developer of website comment systems used worldwide, is playing the old "bury bad news late on a Friday" card – as it just confessed one of its databases was swiped by hackers. The software maker, which produces reader comment boards for blogs and newspapers everywhere, admitted at 4pm Pacific Time, Friday, that a …
Shaun Nichols, 6 Oct 2017

More data lost or stolen in first half of 2017 than the whole of last year

More data records were leaked or stolen by miscreants during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto's Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are exposed or swiped every day. During the first half of 2017 there …
John Leyden, 20 Sep 2017
Man sits on sand with laptop

44m UK consumers on Equifax's books. How many pwned? Blighty eagerly awaits spex on the breach

The impact of the Equifax data leak in the UK remains unclear days after the breach was first made public, amid reports estimating that the personal details of up to 44 million Brit could have been exposed. The credit reference agency and its UK subsidiaries provide services for UK companies including BT, Capital One and …
John Leyden, 11 Sep 2017
Image by Walther S

Bazinga! Social network Taringa 'fesses up to data breach

Latin American social networking site Taringa has suffered a database breach that has resulted in the spill of more than 28 million records. Usernames, hashed passwords (using the weak MD5 algorithm) and personal email addresses have been exposed by the breach. Argentinia-based Taringa’s breach statement (in Spanish) can be …
John Leyden, 5 Sep 2017

'Open and accessible' spambot server leaks 711 million records

A spambot operation has leaked 711 million email addresses in a massive data breach. A Paris-based security researcher, who goes by the pseudonymous handle Benkow, discovered an open and accessible web server hosted in the Netherlands. The "open and accessible" system stored dozens of text files containing a huge batch of …
John Leyden, 30 Aug 2017
Data breach

Months after breach at the 'UnBank' Ffrees, customers complain: No one told us

Customers of UK financial services firm FFrees said they were unaware of a breach that took place there four months ago until a security researcher got in touch with them. The same anonymous white hat who discovered the now infamous AA shop accessories breach back in April also uncovered the exposure of data by Ffrees Family …
John Leyden, 16 Aug 2017
Image by Maythee Voran

Dow Jones index – of customers, not prices – leaks from AWS repo

Dow Jones has emulated Verizon by saving various internal databases (including Wall Street Journal subscribers) in the cloud without properly securing it. The breach was turned up by UpGuard's Chris Vickery and is detailed in this post. It's an all-too-familiar, straightforward breach: someone left a cloud repository …
Crop of doctor with pen and clipboard

Bupa: Rogue staffer stole health insurance holders' personal deets

Healthcare firm Bupa suffered a data breach when an employee of its international health insurance division inappropriately copied and removed some customer information. People who have taken out international health insurance with the company were notified on Wednesday that the data taken includes "names, dates of birth, …
John Leyden, 13 Jul 2017
crashing airplane

Flight Centre leaks fliers' passport details to 'potential suppliers'

Human error at travel company Flight Centre has resulted in a leak of personal information, including data of customers' passports. “Personal information relating to some leisure customers in Australia was accidentally made available to a small number of potential third party suppliers for a short period of time,” a …
Simon Sharwood, 13 Jul 2017

The AA's copped to credit data blurt, but what about car-crash incident response?

UK motoring organisation The AA belatedly admitted late on Friday, July 7th that customer data – including in some cases partial credit card numbers – had been exposed in a recent breach. Security experts gave the confession a frosty response while a specialist IT lawyer said incident response handling of this type would risk …
John Leyden, 10 Jul 2017
A hose leaking water

Canberra reviewing online Medicare lookup after data breach

It looks like the government's figured out how Australians' Medicare numbers were leaking and ending up on a Tor trading site: an insider abusing a login. Lsat week, the existence of “The Medicare Machine” became public after a journalist for The Guardian purchased his own Medicare information from the site for $30 worth of …
Picture of multi-layered sandwich. Photo by Shutterstock

Biometric data stolen from corporate lunch rooms system

A US payment kiosk vendor has been stung by malware scum. Avanti Markets helps employers monetise the lunch-room and get rid of counter-service, going beyond a simple vending machine to cover the whole sandwiches-fruit-drinks-junk-food with one payment system. Last week, as first spotted by Brian Krebs, the company posted …

Hard Rock hotels burgered up by Sabre breach

Two more hotel chains are warning customers they were caught by the breach of Sabre's "SynXis" hotel booking service that emerged earlier this year. Last Thursday, the Hard Rock chain warned that customers of 11 of its properties may have been caught up in the breach. According to Hard Rock's confession, Sabre advised it the …
Car crash

Automobile Association under fire for car-crash handling of data breach

Breakdown and car insurance outfit AA has been scolded for its handling of a data breach that spilled customer email addresses and partial credit card numbers. Data from the AA's online shop leaked online in April due to a server misconfiguration. The whoopsie gave access to backup files about orders for maps, motoring …
John Leyden, 4 Jul 2017

Medicare data leaks, but who was breached?

Medicare numbers in Australia became a lot less useful as a proof-of-identity, with the Australian Federal Police investigating how an unknown number of records ended up for sale on a Tor site. The report first surfaced via The Guardian's Australian site, with journalist Paul Farrell reporting he purchased his own record for …

Create a news alert about data breach, or find more stories about data breach.

Biting the hand that feeds IT © 1998–2017