It’s been one of those weeks when I struggle to keep up with all of the tips and leads I’m sent. One of the leads, received yesterday morning, pointed me to a post on Pastebin with what purported to be a “Link to Download Order History – Netshoes.com – ˜500k records.” The link did, in fact,…
Category: Business Sector
Bittrex ‘Leaks’ User Passports In Support Emails, Says Russian Telegram Channel
William Suberg reports: Bittrex is reportedly leaking users’ passport scans and photographs as KYC emails from customer support contain dire security errors. As reports a Russian-language news channel on Telegram, users who go through the exchange’s manual KYC verification but are rejected receive an email from customer support. Along with the private documents the user…
Former Columbia Sportswear employee sentenced to probation and community service
There’s an update in the case of a former Columbia Sportswear employee who was sued by the firm for allegedly hacking them after he left their employ. In August, Michael Leeper pleaded guilty. Now, despite prosecution attempts to get him some jail time, Leeper was sentenced to three years of probation with 400 hours of community…
Sg: oBike reviewing app security after international user data lea
Zhaki Abdullah reports: Bicycle-sharing operator oBike is reviewing the security of its app, following a leak that affected its users’ data in 14 countries worldwide. German broadcaster Bayerischer Rundfunk reported last week that unencrypted oBike user data – names and ride locations, for example – were accessible online. A spokesman for the Singapore-based firm said…
Ashley Madison takes your privacy very seriously…. until they don’t…
Thomas Fox-Brewster reports: Despite the catastrophic 2015 hack that hit the dating site for adulterous folk, people still use Ashley Madison to hook up with others looking for some extramarital action. For those who’ve stuck around, or joined after the breach, decent cybersecurity is a must. Except, according to security researchers, the site has left photos of…
Uber paid 20-year-old Florida man to keep data breach secret – sources
Joseph Menn and Dustin Volz report: A 20-year-old Florida man was responsible for the large data breach at Uber Technologies Inc [UBER.UL] last year and was paid by Uber to destroy the data through a so-called “bug bounty” program normally used to identify small code vulnerabilities, three people familiar with the events have told Reuters….