BBC reports: B&Q says it has taken action after being told that it exposed details of suspected store thieves to the net without password protection. The matter was brought to light by a security researcher last week. He said the DIY chain had taken the data offline, but was unable to get a response from…
Category: Business Sector
Japanese government plans to hack into citizens’ IoT devices
Catalin Cimpanu reports: The Japanese government approveda law amendment on Friday that will allow government workers to hack into people’s Internet of Things devices as part of an unprecedented survey of insecure IoT devices. The survey will be carried out by employees of the National Institute of Information and Communications Technology (NICT) under the supervision…
LocalBitcoins Has Been Hacked
Mary Kihoro reports: LocalBitcoins, a peer to peer Bitcoin exchange trading platform, has announced that its site has been exposed to a security breach from unknown third parties. However, as of now the team has managed to stop the attack and re-enabled outbound transactions. The platform is currently assessing the number users that have been…
DailyMotion discloses credential stuffing attack
Catalin Cimpanu reports: Video sharing platform DailyMotion announced on Friday that it was the victim of a credential stuffing attack, ZDNet has learned. […] According to an email sent out to impacted customers, and seen by ZDNet, the credential stuffing started last weekend, on January 19, and appears to have been successful in some cases,…
Millions of bank loan and mortgage documents have leaked online (UPDATED)
Update: One day later, the story of the OpticsML breach got much worse when Bob Diachenko found a second exposure involving the vendor. Read about it here. Original post: Zack Whittaker reports on a leak discovered by Bob Diachenko of Security Discovery: A trove of more than 24 million financial and banking documents, representing tens…
Class action settlement reached in Sonic data breach case
There’s been a settlement reached in a Sonic breach first reported by KrebsOnSecurity in 2017. KFOR reports that the settlement notice includes a statement: “The Settlement includes all residents of the United States of America who made a purchase at any one of the 325 impacted Sonic Drive-In locations and paid using a credit or…