I usually withhold information about a leaky site until it’s been secured, but when a company repeatedly fails to follow up and ignores notifications by phone and email, and when the company responsible for their site also ignores notification, it’s time to go public, I think. More than one month ago, I was contacted by…
Category: Business Sector
Beauty site lets anyone read customers’ personal information
Darren Pauli reports: Popular online cosmetics site Strawberrynet has asked customers if a function that allows anyone to retrieve its customers’ names, billing addresses, and phone numbers with nothing more than an email address is a bug or a feature. The bug was first disclosed almost exactly a decade ago and resurfaced after security man Troy Hunt reported the flaw to…
AU: Miner Norton Gold Fields blames human error for leak of employees’ personal and financial details
Jasmine Bamford and Sam Tomlin report: The operators of a Kalgoorlie gold mine have blamed “human error” after the personal and financial details of several hundred employees were emailed to one of their suppliers. Staff at Norton Gold Fields have been advised to monitor their bank accounts, with their names, bank details and tax file…
T-Mobile’s Czech subsidiary gets CZK 3.6 million fine for inadequate safeguards
There’s an update to an insider breach involving the Czech subsidiary of T-Mobile. Telecompaper reports (subscription required) that the Czech data protection watchdog has fined T-Mobile CZK 3.6 million (approximately $150,000) for not having sufficient safeguards in place.
Omegle, the Popular ‘Chat with Strangers’ Service Leaks Your Dirty Chats and Personal Info
Swati Khandelwal reports: Have you heard of Omegle? The popular, free online anonymous chat service that allows you to chat with random strangers, without any registration. The service randomly pairs you in a one-on-one chat window where you can chat anonymously over text or webcam. But, are your chats actually Anonymous? No, all your chats are recorded…
Malware Infected All Eddie Bauer Stores in U.S., Canada
Brian Krebs reports: Clothing store chain Eddie Bauer said today it has detected and removed malicious software from point-of-sale systems at all of its 350+ stores in North America, and that credit and debit cards used at those stores during the first six months of 2016 may have been compromised in the breach. The acknowledgement comes nearly…