Julia Alexander reports: A security bug that hit Tumblr’s recommended blogs module may have exposed users’ private information, according to an open letter. Information like email addresses, passwords, IP addresses, and self-reported locations may have become exposed due to the bug if individual accounts were hit. It’s unclear if the bug affected individual accounts, according…
Category: Business Sector
A Washington ISP exposed the ‘keys to the kingdom’ after leaving a server unsecured
Zack Whittaker reports: A Washington state internet provider left an unprotected server online without a password, exposing network schematics, passwords and other sensitive files for at least six months. Worse, it took the company a week to shut off the leak, despite several phone calls and emails warning of the exposure. The little-known internet provider,…
This Is What The Morrisons Data Leak Class Action Means For Future Breaches
Kate O’Flaherty reports: UK supermarket Morrisons is facing a massive payout to staff after losing the first data leak class action in the UK. It comes after Andrew Skelton, a senior internal auditor at the retailer’s Bradford headquarters, leaked employee data online in 2014. Last year, a court ruled the firm was liable for his actions….
Super Micro trashes Bloomberg chip hack story in recent customer letter
Catalin Cimpanu reports: In a letter sent to customers last week, Super Micro Computer (dba Supermicro) has thrashed a Bloomberg article that claimed the company’s motherboards contained a secret chip inserted by the Chinese government for cyber-espionage purposes. “We are confident that a recent article, alleging a malicious hardware chip was implanted during the manufacturing…
Information of 396K Users Exposed in Facepunch Data Breach
Sergiu Gatlan reports: As reported by Troy Hunt’s Have I Been Pwned breach notification service, the Facepunch game studio was the victim of a data breach in June 2016 which led to sensitive information of 396,650 users being exposed. […] Furthermore, the Facepunch studio said they knew about the security breach and that all people…
ABA ethics opinion offers guidance on data breaches
Jason Tashea reports: Lawyers have to safeguard client data and notify clients of a data breach, and the ABA Standing Committee on Ethics and Professional Responsibility has issued a formal opinion that reaffirms that duty. In Formal Opinion 483, issued Tuesday, the standing committee also provided new guidance to help attorneys take reasonable steps to…