Roy Urrico reports: Security researchers discovered an exposed Elasticsearch server containing up to 1.5 million Freedom Mobile users’ personal data, passwordless, and including unencrypted credit card and CVV numbers, expiration dates and verification numbers. The five million exposed customer data logs belonged to Freedom Mobile, Canada’s fourth wireless telecommunications provider. The files, stored in plaintext,…
Category: Business Sector
Twitter discloses a bug impacting collection and sharing of location data on iOS devices
Twitter’s online Help section has the following notice: You trust us to be careful with your data, and because of that, we want to be open with you when we make a mistake. We have discovered that we were inadvertently collecting and sharing iOS location data with one of our trusted partners in certain circumstances….
Condé Nast notifies 1,100 WIRED subscribers after subscriber page vendor breach
Condé Nast is notifying about 1,100 WIRED subscribers of a breach involving their payment information. In a notification letter dated May 9, they write: The WIRED subscription page is hosted by a third-party vendor. We believe that an unauthorized party accessed our vendor’s systems in an attempt to acquire information about approximately 1,100 WIRED subscription…
Hackers are collecting payment details, user passwords from 4,600 sites
Catalin Cimpanu reports: Hackers have breached analytics service Picreel and open-source project Alpaca Forms and have modified JavaScript files on the infrastructure of these two companies to embed malicious code on over 4,600 websites, security researchers have told ZDNet. The attack is ongoing, and the malicious scripts are still live, at the time of this…
Pacers company discloses data breach
The company associated with the Indiana Pacers – Pacers Sports & Entertainment (“PSE”) – issued a notice yesterday about a data security incident. Curious as to whether it impacted fans or employees, I skimmed it… only to be reminded yet again that our medical or health data can be breached in all kinds of settings….
Equifax Says Cybersecurity Breach Has Cost $1.4 Billion
Emma Hurt reports: Equifax, the Atlanta credit bureau, revealed in its earnings release Friday that dealing with its 2017 cybersecurity incident has cost about $1.4 billion plus legal fees. A year and a half ago, the company, which gathers consumers’ credit histories, revealed a massive security breach compromised the personal information of about 150 million…