Why hack when you can socially engineer employees into giving you the keys to the kingdom? Client management billing platform WHMCS reports that hacker group UGNazi successfully socially engineered their web hosting firm into providing the hackers with admin credentials. The hackers then proceeded to acquire their data, delete it, and dump it. The attack…
Category: Business Sector
AU: Fish, chips, and a side order of card fraud
Ben Grubb reports that the number of data breaches in Australia is at least double what is reported to the government because there is no mandatory breach notification law. And not surprisingly, many of the breached entities are small businesses. Read more on Sydney Morning Herald.
AZ: Passerby finds hundreds of documents with personal info in dumpster
Lindsey Reiser reports: Preston Brooker was walking his dog when he saw a dumpster overflowing with papers in an old LA Fitness parking lot. When he looked closer, he saw they weren’t your average photocopies. They were old gym memberships, with credit card information, Social Security numbers, addresses and other info. “This is a violation…
Plaxo online address book service warns of security breach
Online address book service Plaxo has confirmed that an unknown malicious third-party gained access to the company’s API connection to Google’s address book and calendar. As a result of the security breach, Google took precautionary measures and temporarily disabled the connection, and sent Google account holders a “Suspicious sign in prevented” email advising them that…
The Twitter hack that wasn’t?
When the news started circulating a few nights ago that Twitter had been hacked and over 55,000 logins had been dumped on the Internet, I looked at the five pastes comprising the data dump. The data didn’t look right to me, and as I told a colleague on DataLossDB, I was going to hold off…
Cn: 4 detained in 360buy.com data leak and online thefts
Zhan Jie reports: Four suspects have been detained for obtaining user information illegally from one of China’s largest e-commerce websites and stealing money from its user accounts, Xinhua News Agency reported today. More than 2,000 customers of 360buy.com fell victim to the information leak and lost more than 30,000 yuan (US$4,785) in total, Beijing prosecutors…