Chris Bing reports: A website configuration issue affecting itmanagement.com, a property owned by New York City digital publisher Ziff Davis, can be exploited to access a company database full of private user contact information, including names, phone numbers, employment details, email and employer addresses. The database also contains contact information for users registered on other Ziff Davis properties….
Category: Business Sector
How to Bury a Major Breach Notification
There are ways to bury a breach disclosure other than waiting until after 3 pm on the Friday of a holiday weekend. Brian Krebs reports: Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall…
Vermont Restaurant Settles Charges by Attorney General’s Office Over Credit Card Fraud
Caroline Strange reports that the Grand Buffet restaurant in Essex Junction, Vermont, has settled charges brought by the VT Attorney General’s Office following an investigation into credit card fraud that affected the restaurant’s customers. If that sounds a bit atypical to you (it did to me), it turns out that the restaurant had known there was…
Yahoo tells users they were hit with cookie attack
Laura Hautala reports: Yahoo users found out Wednesday that hackers used a technical trick with cookies to log into their accounts without passwords. “Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account,” Yahoo users were told in an email. Yahoo revealed the…
Data breach hits San Antonio Symphony employees
At first I thought this might be another W-2 phishing incident, but it reads more like a hack. Davi Hendricks reports: Computer hackers broke into the computer network for the San Antonio Symphony this week, stealing the names, birth dates, social security numbers and addresses for about 250 employees, the organization confirmed Tuesday. “This was…
Senators’ letter points out Yahoo!’s lack of cooperation with Congressional investigation of breaches
Amir Nasr reports: Two Republican senators on Friday pressed Yahoo Inc. Chief Executive Marissa Mayer about her company’s failure to answer questions about data breaches from 2013 and 2014. “Despite several inquiries by committee staff seeking information about the security of Yahoo! user accounts, company officials have thus far been unable to provide answers to many…