In an August 30th press release, posted previously on DataBreaches.net, chocolatier Russell Stover disclosed that point-of-sale (POS) terminals in their retail stores appeared to have been compromised by malware. Online customers were reportedly not at risk, but based on its investigation up until that date, they believed that the attacker may have been able to…
Category: Business Sector
AU: Tech start-up investigating ‘potential data leak’ on online ticketing platform
Ben Nielsen and Rebecca Puddy report: An online ticketing company has moved quickly to fix a “potential data leak” after a university student claimed the personal details of thousands of people had been revealed. In a statement posted on its website, Get said it had “immediately acted” following reports of a “potential vulnerability” in its…
LinkedIn Can’t Block Analytics Company From Scraping Profiles
Wendy Davis reports: LinkedIn can’t rely on a 33-year-old anti-hacking law to prevent prevent the analytics firm HiQ Labs from mining data, a federal appellate court ruled Monday. The ruling, issued by a three-judge panel of the 9th Circuit Court of Appeals, leaves in place an injunction that requires LinkedIn to allow publicly available data…
Security breach on Pepperfry exposes details of users; now plugged
Pranav Hegde reports: A major security flaw was detected on online furniture store Pepperfry’s website, which could have allowed users to sign in to another registered user’s account. Pepperfry has claimed that the bug was fixed within an hour of being detected. Security researcher Ehraz Ahmed found the bug on Pepperfry’s website, which could have…
Monster.com says a third party exposed user data but didn’t tell anyone
Zack Whittaker reports: An exposed web server storing résumés of job seekers — including from recruitment site Monster — has been found online. The server contained résumés and CVs for job applicants spanning 2014 and 2017, many of which included private information like phone numbers and home addresses, but also email addresses and a person’s…
DK-Lok data breach exposes global enterprise client data, internal emails
Charlie Osborne reports: Perhaps, one day, the continual stream of data leaks and cybersecurity breaches stemming from open databases will make organizations sit up, take notice, check their IT infrastructure, and resolve any security problems they find. Today is not that day it seems for DK-Lok, the latest entry in a long list of companies…