From the South China Morning Post: The personal information of 60 students and teachers in Chinese University’s mechanical engineering department has been stolen and transferred to an overseas website by hackers, police said. Names, login IDs, student and staff numbers and e-mail addresses were stolen from a website for the online submission of work in…
Month: July 2013
MAPCO Express sued over data breach
Another potential class-action lawsuit has been filed in response to the MAPCO Express breach, reported previously on this blog. The suit also names the convenience chain’s parent company, Delek U.S. Holdings Inc., as defendants. Read more on Tuscaloosa News. The complaint by Ian Yeager was filed on June 17, and an amended complaint (uploaded here)…
Michigan Cancer Consortium hacked, almost 50,000 notified
No detailed medical records were involved, but the Michigan Department of Community Health is notifying nearly 50,000 affected residents that their PII/PHI may have fallen into the hands of a hacker. CBS Detroit reports the state has sent out letters after computers hosting the Michigan Cancer Consortium website were accessed by hackers. “They were reports…
Vendini breach update
As I’ve noted before, the Vendini breach, reported previously on this blog, appears to fairly large, but has generally flown under national mainstream media attention. Instead, I see bits and pieces in local media or on organizations’ web sites as entities report that their patrons or members were affected (cf, reports involving Purple Rose Theatre,…
Ubisoft notifies UPlay users to change passwords following breach
Ubisoft has posted an announcement on their site today: Hello All, We recently found that one of our Web sites was exploited to gain unauthorized access to some of our online systems. We instantly took steps to close off this access, to begin a thorough investigation with relevant authorities, internal and external security experts, and…
AT&T iPad hacker appeals conviction, long sentence
Jeremy Kirk reports that attorneys for security researcher Andrew Auernheimer (“weev”) have filed an appeal over his conviction and sentencing: Andrew Auernheimer, known as “weev,” created an automated tool to extract the names and email addresses of 114,000 iPad 3G owners from AT&T’s servers, which were used by customers to access their accounts. The information was…