Oof. I read something like this notification below from Boise Cascade Company in Utah, and I wonder if the employees had been regularly trained in avoiding phishing attacks, or if it was just the case that the phishing was done so damned well that the employees fell for it despite their training. In this case,…
Category: Business Sector
Netshoes customer data possibly hacked; 500k customers’ order info dumped?
It’s been one of those weeks when I struggle to keep up with all of the tips and leads I’m sent. One of the leads, received yesterday morning, pointed me to a post on Pastebin with what purported to be a “Link to Download Order History – Netshoes.com – ˜500k records.” The link did, in fact,…
Bittrex ‘Leaks’ User Passports In Support Emails, Says Russian Telegram Channel
William Suberg reports: Bittrex is reportedly leaking users’ passport scans and photographs as KYC emails from customer support contain dire security errors. As reports a Russian-language news channel on Telegram, users who go through the exchange’s manual KYC verification but are rejected receive an email from customer support. Along with the private documents the user…
Former Columbia Sportswear employee sentenced to probation and community service
There’s an update in the case of a former Columbia Sportswear employee who was sued by the firm for allegedly hacking them after he left their employ. In August, Michael Leeper pleaded guilty. Now, despite prosecution attempts to get him some jail time, Leeper was sentenced to three years of probation with 400 hours of community…
Sg: oBike reviewing app security after international user data lea
Zhaki Abdullah reports: Bicycle-sharing operator oBike is reviewing the security of its app, following a leak that affected its users’ data in 14 countries worldwide. German broadcaster Bayerischer Rundfunk reported last week that unencrypted oBike user data – names and ride locations, for example – were accessible online. A spokesman for the Singapore-based firm said…
Ashley Madison takes your privacy very seriously…. until they don’t…
Thomas Fox-Brewster reports: Despite the catastrophic 2015 hack that hit the dating site for adulterous folk, people still use Ashley Madison to hook up with others looking for some extramarital action. For those who’ve stuck around, or joined after the breach, decent cybersecurity is a must. Except, according to security researchers, the site has left photos of…