Leonard Manson reports: The São Paulo Consumer Protection and Defense Program (Procon-SP) notified Serasa on Monday (1st) to provide clarifications on the collection, and possible use, of the internet banking passwords required by the credit bureau to carry out searches on the site. The request for a bank password, made in the “customer area”, was…
Category: Business Sector
Rookie coding mistake prior to Gab hack came from site’s CTO
Sometimes you read a story and think, “Oh. This is just too perfect.” This is one of those times. Dan Goodin reports: Over the weekend, word emerged that a hacker breached far-right social media website Gab and downloaded 70 gigabytes of data by exploiting a garden-variety security flaw known as an SQL injection. A quick review of…
Mandiant issues final report on its investigation into Accellion breach
Yesterday, Mandiant issued its final report on its investigation into the Accellion data breach that impacted a number of its big clients including Jones Day law firm, SingTel, Bombardier, Goodwin Procter, the Transport for NSW, the New Zealand Reserve Bank, and others. You can find the report here (pdf). And while the investigation may be…
European e-ticketing platform Ticketcounter extorted in data breach
Lawrence Abrams reports: A Dutch e-Ticketing platform has suffered a data breach after a user database containing 1.9 million unique email addresses was stolen from an unsecured staging server. Ticketcounter is a Dutch e-Ticketing platform that allows clients, such as zoos, parks, museums, and events, to provide online tickets to their venue. Read more on…
Your personal data may have been compromised, Malaysia Airlines tells its frequent flyer members
Shahrin Aizat Noorshahrizam reports: National carrier Malaysia Airlines informed members of its frequent flyer programme Enrich that there had been a “data security incident” at one of its third-party IT service providers. According to the airlines, the incident happened between a nine-year-period from March 2010 to June 2019. Read more on Malay Mail. The airline’s…
Chinese cyber attack foiled: Power Ministry
The Hindu reports: “State-sponsored” Chinese hacker groups had targeted various Indian power centres, the Union Power Ministry said on Monday, but added that these groups have been thwarted after government cyber agencies warned it about their activities. While the government refused to confirm or deny a New York Times report, based on a U.S. cyber…