Carly Page reports: Energy giant Npower has admitted that a security screw-up saw the personal details of some 5,000 customers shared via post. While there doesn’t appear to be a warning on the company’s website or social media channels, the BBC reports that Npower is “urgently investigating” the incident, which saw customers’ details shared in…
Category: Business Sector
Cloud data management firm Veeam exposes 200GB of data on AWS instance
Duncan Riley reports: Cloud data management company Veeam Software Inc. is the latest of many companies to expose customer data via a misconfigured cloud instance, with 200 gigabytes of data relating to more than 440 million customer records found online. Detailed by security researcher Bob Diachenko, the leak of the data was discovered on a MongoDB database…
Gang of hackers seizes WhatsApp accounts of Karachi users
The News (PK) reports: KARACHI: WhatsApp accounts of citizens are getting hacked by an anonymous group of hackers, Geo.tv reported on Tuesday. According to the report, numerous complaints were registered to the Federal Investigation Authority (FIA) since the past few days regarding the victims getting their accounts hacked. The hacking was done subsequent to a…
Latvenergo asks authorities to look into possible data leak
The TV3 television channel on September 9 reported that unknown individuals offered several political parties to buy a database, purportedly with the contact info, including mobile phone numbers, of Latvenergo clients. The parties – not named in the report – were supposedly asked €80,000 for the database. Meanwhile Latvenergo representatives are sure that there have been…
Hackers that compromised Ticketmaster blamed for British Airways security breach
Graeme Burton reports: Researchers at security consultancy RiskIQ claim that British Airways was breached by the same group, dubbed Magecart, that compromised Ticketmaster earlier this year. And Magecart is now so prolific that RiskIQ claims to be getting hourly alerts of new websites compromised by Magecart’s malicious JavaScript code. For British Airways, though, the group customised…
Click2Gov Payment System Security Breach
A reader kindly alerted me to the fact that the city of Tyler had reported a breach. When I looked into it, I see that it’s yet one more report on Click2Gov by Superion. This has been a known problem since last year, so why haven’t municipal governments updated and patched? RiskBasedSecurity had a more…