A breach notification by Energy Federation Incorporated to the New Hampshire Attorney General’s Office indicates that on July 12, they discovered two pieces of malware on their server that had been inserted on July 7 and July 10. The malware “was designed to allow a third part to remotely search and collect” information on the server,…
Category: Business Sector
Eye Safety Systems notifies customers that credit card database may have been hacked and decryption key may have been acquired
Attorneys for Eye Safety Systems have notified the New Hampshire Attorney General’s Office that they believe that a compromise of their web site, hosted by an unnamed third party vendor, may have compromised customers’ credit card transaction data. The firm reports that although the database “used a method of encryption,” the hackers may have acquired…
S. Korea plans to scrap online real-name system in wake of massive hack
It appears that a massive data breach affecting 35 million South Koreans who use popular portal and social networking sites Nate and Cyworld has served as a wake-up call for the government: The South Korea government will push ahead with plans to scrap the current real-name system for Internet users in the wake of the…
ICO failure to punish Lush for data breach sends wrong message, says SecurEnvoy
Warwick Ashford reports: The failure of the Information Commissioner’s Office to impose a monetary penalty against cosmetics firm Lush – for failing to protect thousands of customer records from hackers – sends out all the wrong messages, according to authentication firm SecurEnvoy. “What we have here is a major e-commerce web portal – run by a…
(update) Texan gets 4 years for restaurant-related fraud
This is a follow-up to a breach previously covered on this blog in December 2010. Associated Press reports: An East Texas man has been sentenced to four years in prison over credit card numbers scammed from a restaurant and the Internet. The U.S. attorney’s office says 26-year-old Christopher Michael of Malakoff pleaded guilty in May…
UK: Hack of Lush Cosmetics results in undertaking
Back in January, I noted that Lush Cosmetics had been hacked and customer data acquired and misused. The company reportedly only became aware of the breach after receiving reports from almost 100 customers who had become victims of card fraud. Today, the UK’s Information Commissioner’s Office revealed that Lush was required to sign an undertaking…