Iain Thomson reports: Opscode, the commercial side of the open source Chef configuration management tool beloved by Google, Facebook, and IBM, has warned customers that a flaw in an unnamed third-party application has left its wiki and ticketing system pwned. “The attacker gained escalated privileges and downloaded the user database for the wiki and ticketing…
Category: Business Sector
Bridgewater Associates notifies former employees that their information was accessed by unknown individual
Bridgewater Associates, LP offers employees continuing health coverage (COBRA) when they separate from the firm. That coverage is administered by Ceridian, who maintain a database with the employees’ and their dependents’ names, addresses, dates of birth, Social Security numbers, and other benefit plan information (but no medical information). On or about April 11, a Bridgewater…
Man who tries to report breach to Sears finds himself talking to someone in India?
Here we go again. It’s bad enough to have an easily avoidable breach. It’s worse when you make it difficult for people to report it to you. Today’s entry in this Hall of Shame is Sears. Nesita Kwan reports personal information of hundreds of former Sears employees, including their Social Security numbers, photos, records with…
Apple Developer site hack: doubts cast on Turkish hacker’s claims
Charles Arthur reports: A Guardian investigation has cast doubt on claims by a UK-based Turkish researcher that he hacked into Apple’s Developer portal, which has been offline for more than a week. Read more on The Guardian.
Update on Raley’s breach
More on the Raley’s supermarket chain breach reported here on June 9. Peter Strozniak reports that Redwood Credit Union has reissued 18,400 debit cards since June when the Santa Rosa, Calif., credit union was notified that a regional supermarket’s IT system had been hacked by criminals compromising about 200 member accounts. Read more on CU Times.
US Airways notifies employees of breach, but why the delay?
On July 18, US Airways sent some of its employees a letter informing them that, due to an error by Automatic Data Processing (ADP), their W-2 information was downloadable online by fellow employees. US Airways had been made aware of the problem on June 6, but offered no explanation as to why it took them…