Sergiu Gatlan reports: TeamViewer confirmed today that it has been the victim of a cyber attack which was discovered during the autumn of 2016, but was never disclosed. This attack is thought to be of Chinese origins and utilized the Winnti backdoor. The company behind the highly popular TeamViewer remote desktop software told German publisher Der Spiegel that…
Category: Business Sector
Unsecured Survey Database Exposes Info of 8 Million People
Lawrence Abrams reports: An unsecured database has exposed the personal information of 8 million people from the U.S. who participated in online surveys, sweepstakes, and requests for free product samples. […] Sanyam Jain, an independent security researcher and member of the GDI Foundation, discovered an unsecured Elasticsearch database that exposed the personal information of 8 million people who…
Ca: $60 million class-action lawsuit denied by judge
CTV reports: A proposed class-action lawsuit seeking $60 million in damages against Casino Rama following a cyber-attack has been denied. Lawyers for the plaintiffs argued as many as 200,000 people might have had their personal information stolen in the hack, including employees and patrons. In November 2016, the casino announced it had been the victim…
Burger King’s Online Store for Kids Exposes Customers’ Info
Oops, I had missed this one last week. Sergiu Gatlan reported: An unprotected Elasticsearch cluster found via a Shodan search exposed 37,900 records of Kool King Shop customers, a French online shop specifically tailored to be used by kids who bought Burger King menus. As Security Discovery researcher Bob Diachenko discovered after further investigation, the…
Update: West Hartford officials warn parents of test registration platform data breach
Doug Levin kindly alerted me that the Hartford Courant has a story on the Total Registration data security incident. … The school officials said that Total Registration, used by the district to register students for certain exams, informed them that certain information provided by students including name, grade level, gender, date of birth, address, email…
Hackers access data from more than 460,000 accounts at Uniqlo’s online store
Eustance Huang reports: Fast Retailing, the Japanese company behind the Uniqlo retail chain, announced Monday that the data of more than 460,000 customers on its online shopping sites were accessed by hackers from April 23 to May 10. In a statement released on its website, Fast Retailing said: “It was confirmed on May 10, 2019…