Kelly Zegers reports: Hampton Jitney customers received an email early Friday alerting them to a security breach that may have compromised personal information stored with the company and were advised to change their passwords, according to a copy of the email. The incident was discovered Wednesday, the email from Hampton Jitney President Geoffrey Lynch said….
Category: Business Sector
Yahoo responds to Senators’ questions about breaches
Yahoo has responded to the letter sent by Republican Senators John Thune, Commerce Committee Chairman, and Jerry Moran, Consumer Protection, Product Safety, Insurance and Data Security Subcommittee Chairman. The letter had been sent because the senators felt they weren’t getting enough cooperation from the firm. You can read Yahoo’s response here (pdf). See what you think. The firm…
Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug
Iain Thomson reports: Big-name websites leaked people’s private session keys and personal information into strangers’ browsers, due to a Cloudflare bug uncovered by Google security researchers. Cloudflare helps companies spread their websites and online services across the internet. Due to a programming blunder, for several months Cloudflare’s systems slipped random chunks of server memory into…
Someone Is Selling Coachella User Accounts on the Dark Web
Joseph Cox reports: A data trader claims to be selling over 950,000 user accounts for the website of popular music festival Coachella. The data includes email addresses, usernames and hashed passwords. “Coachella complete database dump from this month,” the vendor, who uses the handle Berkut, writes in their listing on the Tochka dark web marketplace….
Millions of IGN and PCMag user records sit exposed, online
Chris Bing reports: A website configuration issue affecting itmanagement.com, a property owned by New York City digital publisher Ziff Davis, can be exploited to access a company database full of private user contact information, including names, phone numbers, employment details, email and employer addresses. The database also contains contact information for users registered on other Ziff Davis properties….
How to Bury a Major Breach Notification
There are ways to bury a breach disclosure other than waiting until after 3 pm on the Friday of a holiday weekend. Brian Krebs reports: Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall…