Pentel customers who ordered online at www.pentelstore.com were recently notified that hackers accessed their personal information and credit card information. By letter dated March 3 to the New Hampshire Attorney General, the pen manufacturer reported (pdf) that on January 20, its web maintainer and server host notified them that between December 11, 2008, and January…
Category: Business Sector
UAE: Newspaper staff salaries leaked on internet
Salaries of Abu Dhabi-based newspaper The National’s entire editorial staff have been posted on Wikileaks. Makt006 Business has more on the impact.
HackersBlog exposes BT.com vulnerability (updated)
“Unu” of HackersBlog reports that they have been able to access at least one of UK telecom BT’s databases through SQL injection: A faulty parameter, improperly sanitized opens the vault to the pretious databases. One can gain access to such ordinary things as personal data, login data, and the like. In the first syntax I…
Telegraph.co.uk hacked, SQL injection (updated)
The HackersBlog crew, who had previously exposed vulnerabilities in a number of security vendor sites and a social networking site, now reports that they were able to exploit an SQL injection vulnerability to access The Telegraph‘s databases, including one that has 700,000 email addresses and passwords of those receiving the paper’s newsletter. Given how many…
A bug in Google Docs leads to unintended file sharing
Richard de Vries explains on Slashdot: I work for a small Dutch company that uses Google Apps. This means that we can share documents with users within our domain (www.deondernemers.nl), as well as @gmail.com accounts or other Apps-domains. About three weeks ago, we discovered that some fifteen documents and spreadsheets were unintentionally shared with a…
IN: Hotel discards unshredded customer records in dumpster
Liza Danver of WISH-TV in Indiana reports that the Homestead Studio Suites hotel in Indianapolis dumped unshredded hotel guest records into their dumpster, where they were noticed by a guest who contacted the news team. The records appeared to be several years’ old, and included names, home addresses, phone numbers, e-mail addresses, and yes, complete…