Joseph Cox reports: A data trader claims to be selling over 950,000 user accounts for the website of popular music festival Coachella. The data includes email addresses, usernames and hashed passwords. “Coachella complete database dump from this month,” the vendor, who uses the handle Berkut, writes in their listing on the Tochka dark web marketplace….
Category: Business Sector
Millions of IGN and PCMag user records sit exposed, online
Chris Bing reports: A website configuration issue affecting itmanagement.com, a property owned by New York City digital publisher Ziff Davis, can be exploited to access a company database full of private user contact information, including names, phone numbers, employment details, email and employer addresses. The database also contains contact information for users registered on other Ziff Davis properties….
How to Bury a Major Breach Notification
There are ways to bury a breach disclosure other than waiting until after 3 pm on the Friday of a holiday weekend. Brian Krebs reports: Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall…
Vermont Restaurant Settles Charges by Attorney General’s Office Over Credit Card Fraud
Caroline Strange reports that the Grand Buffet restaurant in Essex Junction, Vermont, has settled charges brought by the VT Attorney General’s Office following an investigation into credit card fraud that affected the restaurant’s customers. If that sounds a bit atypical to you (it did to me), it turns out that the restaurant had known there was…
Yahoo tells users they were hit with cookie attack
Laura Hautala reports: Yahoo users found out Wednesday that hackers used a technical trick with cookies to log into their accounts without passwords. “Based on the ongoing investigation, we believe a forged cookie may have been used in 2015 or 2016 to access your account,” Yahoo users were told in an email. Yahoo revealed the…
Data breach hits San Antonio Symphony employees
At first I thought this might be another W-2 phishing incident, but it reads more like a hack. Davi Hendricks reports: Computer hackers broke into the computer network for the San Antonio Symphony this week, stealing the names, birth dates, social security numbers and addresses for about 250 employees, the organization confirmed Tuesday. “This was…