Aptos, Inc. provides e-commerce solutions for a number of online e-tailers. In November, 2016, Aptos discovered it had a malware breach from February, 2016 – December, 2016. At law enforcement’s request, they delayed notification to their clients, so we are first finding out about it now as the clients begin to disclose the breach to their customers. So far,…
Category: Business Sector
Data from connected CloudPets teddy bears leaked due to misconfigured database; 820,000 kids’ files exposed
Troy Hunt reports that a misconfigured MongoDB installation resulted in audio files of children’s and parents’ conversations recorded by CloudPets being exposed in a Shodan search. And as we’ve seen many other times, the exposed files were deleted by an attacker, and a purported “ransom” note left in place of the database – a ransom note that was…
Carders capitalize on Cloudflare problems, claim 150 million logins for sale
Steve Ragan reports: A carder forum is advertising a special deal to VIP members. The website claims to possess more than 150 million logins, from a number of services including Netflix and Uber. The source of this data collection are the accounts exposed due to a recent problem on Cloudflare’s infrastructure. But is this on…
Security lapse exposed New York airport’s critical servers for a year
Zack Whittaker reports: A security lapse at a New York international airport left its server backups exposed on the open internet for almost a year, ZDNet has found. The internet-connected storage drive contained several backup images of servers used by Stewart International Airport, but neither the backup drive nor the disk images were password protected, allowing…
Credit card, personal info targeted in Hawaii tour company hack
HNN reports: Roberts Hawaii is warning customers about a security breach that may affect customers who purchased tours from July 2015 to December 2016. The tour company found out about the hack after getting reports of fraudulent charges on customers’ credit cards. The charges appeared shortly after the customers made purchases on Roberts Hawaii’s website….
Hampton Jitney alerts customers of data security breach Friday
Kelly Zegers reports: Hampton Jitney customers received an email early Friday alerting them to a security breach that may have compromised personal information stored with the company and were advised to change their passwords, according to a copy of the email. The incident was discovered Wednesday, the email from Hampton Jitney President Geoffrey Lynch said….