Leticia Miranda reports: The personal information of tens of thousands of customers of Saks Fifth Avenue has been publicly available in plain text online, BuzzFeed News has learned. The online shopping site for the brand is maintained by the digital division of its owner, the Canada-based Hudson’s Bay Company. Until recently, unencrypted, publicly accessible web…
Category: Business Sector
Oh those inadequately secured backup devices…
While I’ve been busy tracking W-2 phishing scams, let’s not lose sight of the fact that there are other ways for criminals to obtain W-2 or tax information, and that human error continues to turn assets into low-hanging fruit. Interpreters Unlimited recently notified the Vermont Attorney General’s Office that the contents of an employee’s backup device were…
Neiman Marcus to settle long-running data breach litigation for $1.6m?
Law360 reports: Neiman Marcus has agreed to pay $1.6 million to resolve a data breach class action in Illinois federal court over a December 2013 cyber intrusion that revealed the credit card data of 350,000 shoppers of the luxury retailer, according to a court document filed Friday. Read more on Law360 if you have a…
Google Points to Another POS Vendor Breach – Krebs
Brian Krebs reports: For the second time in the past nine months, Google has inadvertently but nonetheless correctly helped to identify the source of a large credit card breach — by assigning a “This site may be hacked” warning beneath the search results for the Web site of a victimized merchant. A little over a…
McDonalds India is leaking 2.2 million users data
Hackernoon writes: This is published under our responsible disclosure policy The McDonald’s India app, McDelivery is leaking personal data for more than 2.2 million of its users which includes name, email address, phone number, home address, accurate home co-ordinates and social profile links. We contacted McDelivery on 7th Feb and received an acknowledgement from a…
UK: Man prosecuted for taking files with job candidates’ personal info with him when he resigned to start rival company
Gregory Orum has been prosecuted at Highbury Corner Magistrates’ Court for an offence of unlawfully obtaining personal data. The defendant, who at the time worked at a recruitment agency based in Hertfordshire, emailed the personal data of approximately 500 candidates to his personal email address as he was leaving to start a new rival recruitment…