Joseph Cox reports: To protest a data broker giving trial accounts of their product to U.S. Immigrations and Customs Enforcement, a source has provided Motherboard with internal files of Sayari, a company that collects and resells access to data on citizens from more than a hundred different countries. Sayari’s data banks include physical addresses, email…
Category: Business Sector
Court approves extradition of young hacker to US
Jonathan Shkurko reports: Joshua Epiphaniou will be the first Cypriot to be extradited to the United States after a Nicosia court ruled he should stand trial there, his lawyer Michael Chambers said. He faces 20 years in prison in two US states – Georgia and Arizona – where he faces several charges including wire and…
Macy’s Customer Payment Info Stolen in Magecart Data Breach
Lawrence Abrams reports: Macy’s has announced that they have suffered a data breach due to their web site being hacked with malicious scripts that steal customer’s payment information. This type of compromise is called MageCart attack and consists of hackers compromising a web site so that they can inject malicious JavaScript scripts into various sections…
TW: Online box office EZding liable for data theft and consequential damages
Arthur Shay of Shay and Partners writes: In September 2019 a landmark appeal court decision found an online information service provider liable for consequential damages of data theft. In April 2017 subscribers and users of one of Taiwan’s most popular box office websites, EZding, reported numerous data theft incidents. EZding rejected the complaints about its…
150 infosec bods now know who they’re up against thanks to BT Security cc/bcc snafu
Gareth Corfield reports: BT Security managed to commit the most basic blunder of all after emailing around 150 infosec professionals who attended a jobs fair – using the “cc” field instead of “bcc”. The email, shown to The Register by a non-trivial number of aggrieved recipients, thanked them for attending the Westminster Cyber Expo and popping by…
CISA Releases Cyber Readiness Recommendations for Small Business
Caleb Skeath and Inside Privacy write: Last week, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) released a set of cyber readiness recommendations for small businesses. The recommendations, which CISA developed in collaboration with small businesses and state and local governments, are intended to assist smaller organizations in implementing organizational cybersecurity practices. While…