James Sander joins those taking GearBest out to the cyberwoodshed over a data leak: Over 1.5 million customer records from online electronics seller GearBest, as well as Zaful, Rosegal, and DressLily, were stored in an unprotected Elasticsearch server, according to a joint report from VPNMentor (archived here) and security researcher Noam Rotem. The brands involved…
Category: Business Sector
Australian man arrested for selling one million passwords from popular streaming services
Alex Hernandez reports: A 21-year old Australian man has been arrested for allegedly selling Hulu, Spotify, and Netflix passwords online. The Australian man operated a website that generated passwords for popular streaming services including the aforementioned trio. It is being reported that the man made AU$300,000 (US$211,000) from his operation. The man was arrested after…
Unsecured Gearbest server exposes millions of shoppers and their orders
Zeljka Zorz reports: Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and his team have found. According to Rotem, the server was not protected with a password and anyone could access it and search the data. Also, despite assurances from…
Cyberattacker demands ransom from Northern Colorado utility
Pat Ferrier reports: When employees of the Fort Collins Loveland Water District and South Fort Collins Sanitation District got to work the morning of Feb. 11, they were locked out of technical and engineering data and drawings stored on their computers. The districts had fallen victim to a ransomware cyber attack, the second in two years, General Manager…
Hack attack at major B.C. booze distributor leaves customers struggling with backlog
Simon Little and John Hua report: Bars, restaurants and private liquor stores around B.C. are dealing with a frustrating backlog in supplies, after hackers targeted one of the biggest links in B.C.’s booze supply chain. Ransom-seeking cybercriminals successfully breached systems at Container World, a warehousing and logistics company that supplies much of province’s specialty liquor…
Ad Network Sizmek Probes Account Breach
Brian Krebs reports: Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an individual who’s been known…