Zeljka Zorz reports: Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and his team have found. According to Rotem, the server was not protected with a password and anyone could access it and search the data. Also, despite assurances from…
Category: Business Sector
Cyberattacker demands ransom from Northern Colorado utility
Pat Ferrier reports: When employees of the Fort Collins Loveland Water District and South Fort Collins Sanitation District got to work the morning of Feb. 11, they were locked out of technical and engineering data and drawings stored on their computers. The districts had fallen victim to a ransomware cyber attack, the second in two years, General Manager…
Hack attack at major B.C. booze distributor leaves customers struggling with backlog
Simon Little and John Hua report: Bars, restaurants and private liquor stores around B.C. are dealing with a frustrating backlog in supplies, after hackers targeted one of the biggest links in B.C.’s booze supply chain. Ransom-seeking cybercriminals successfully breached systems at Container World, a warehousing and logistics company that supplies much of province’s specialty liquor…
Ad Network Sizmek Probes Account Breach
Brian Krebs reports: Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an individual who’s been known…
NZ retailer Kathmandu Holdings flags suspected data breach at websites
Reuters reports: March 13 (Reuters) – New Zealand-based outdoor clothing and equipment retailer Kathmandu Holdings Ltd said on Wednesday it was “urgently investigating” a suspected customer data breach at its online trading websites.v The company said an unidentified third party gained unauthorised access to its website platform between Jan. 8 and Feb. 12 and might…
Airline e-ticket systems’ vulnerabilities could compromise PII to hackers
Anthony Kimery reports: Eight airline’s e-ticketing systems can expose passengers’ Personally Identifiable Information (PII) throuvgh a vulnerability using website links that are “easily intercepted by hackers,” according to Wandera, an enterprise mobile security and data management solutions company, in a recent report. “All of the major airlines that we identified are putting passenger data at…