August 14 – Hy-Vee takes the security of payment card data very seriously. We want to make customers aware of an investigation we are conducting into a security incident involving our payment processing systems that is focused on transactions at some Hy-Vee fuel pumps, drive-thru coffee shops, and restaurants, as well as to provide information…
Category: Business Sector
Major breach found in biometrics system used by banks, UK police and defence firms
Josh Taylor reports: The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks. Suprema is the security company responsible for…
700k Choice Hotels customer records leaked
Paul Bischoff reports: Hackers claim to have stolen 700,000 guest records belonging to Choice Hotels, one of the largest hotel chains in the world. Comparitech collaborated with security researcher Bob Diachenko to uncover the unsecured database, which was left exposed and accessible to anyone with an internet connection. Diachenko immediately notified the company of the…
British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data
Lindsey O’Donnell reports: A vulnerability in British Airways’ e-ticketing system could enable a bad actor to view passengers’ personal data or change their booking information. A security bug discovered in British Airways’ e-ticketing system has the potential to expose passengers’ data, including their flight booking details and personal information. Read more on Threatpost.
FBI: Nashville company Asurion paid $300K ransom after private data was stolen; former employee named as suspect
Brian Kelman reports: A Nashville corporation paid at least $300,000 in ransom to a extortionist who claimed he stole private info of thousands of employees and more than a million customers, according to new court records from an ongoing FBI investigation. Asurion, a global phone insurance and tech support company headquartered in the city, confirmed the breach but said it believes the suspect…
Epic Games hit with class action suit over Fortnite security breach
James Brightman reports: Fortnite has been a wild ride for Epic Games and has taken the entire industry by storm. Its audience, however, may have gotten more than it bargained for when it learned at the start of the year that a massive security breach potentially exposed credit card data, personal information, and even voice…