Catalin Cimpanu reports: A new security breach involving the Magecart malware came to light today, this time involving a US web company named Shopper Approved that provides a “review widget” that other companies can embed on their sites and collect opinions and ratings from customers. This incident took place on September 15, according to a report…
Category: Business Sector
Google Exposed User Data, Feared Repercussions of Disclosing to Public
Douglas MacMillan and Robert McMillan report: Google exposed the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and cause reputational damage, according to people briefed on the…
Amazon fires employee for sharing customers’ email addresses
Catalin Cimpanu reports: In an email sent to customers on Friday, October 5, Amazon said it fired an employee for sharing customers’ email addresses with a third-party seller. Third-party sellers are companies or individuals who sell products on Amazon. Amazon said it’s working with law enforcement in support of the former employee’s prosecution. The company…
Toyota notifies employees and health plan participants of data breach
September 28, 2018 Toyota Industries North America, Inc. (“TINA”), which is headquartered in Columbus, Ind. and provides administrative services to its affiliated North American entities, is notifying individuals of a data security incident. The incident could potentially impact the security of certain personal and protected health information regarding approximately 19,000 current/former employees and health plan…
Vancouver-based Burgerville hit by data breach
Anthony Macuk reports: Burgerville announced Wednesday that its network had been hit by a cybersecurity breach that may have resulted in customers’ credit and debit card information being compromised, including names, card numbers, expiration dates and three-digit CVV numbers. The company is urging anyone who used a credit or debit card at a Burgerville location…
Website flaw exposed a Canadian ISP’s entire customer database
Zack Whittaker reports: Canadian internet provider Altima Telecom has fixed a flaw in its website that could have given an attacker full access to its customer database. The customer database was connected to the company’s website, but could be remotely accessed with a blind SQL injection attack. Daley Borda, founder of Underdog Security, found the…