@SwiftonSecurity kept telling everyone on Twitter that we #MUSTREAD the story of what happened at Shapeshift.io. And with good reason: it’s a phenomenal account of an insider breach told with the kind of refreshing honesty that’s often missing in most breach disclosures. It also reads like a thriller. I’m going to give readers a different…
Category: Business Sector
Court rejects Jetro’s argument in attempt to recoup fines and penalties over breaches
Long-time readers will remember the Restaurant Depot/Jetro breaches reported in 2011 and 2012. It appears that Jetro tried a novel approach to recovering some of the monies the breach cost them. As Dennis S. Klein, Jeffrey B. Goldberg, and Tyler Grove of Hughes Hubbard & Reed LLP explain, the court wasn’t buying their novel argument: … To allow its customers to…
Noodles & Company Probes Breach Claims
Brian Krebs reports: Noodles & Company, a fast-casual restaurant chain with more than 500 stores in 35 U.S. states, says it has hired outside investigators to probe reports of a credit card breach at some locations. Over the past weekend, KrebsOnSecurity began hearing from sources at multiple financial institutions who said they’d detected a pattern of fraudulent…
Children’s Educational Site Exposes Thousands of User Accounts and Payment Data
Another child-oriented site has exposed information due to a misconfigured MongoDB installation. This time, it’s ABCya.com, according to the MacKeeper security research team. Here’s what they reported they found exposed: credentials and information of 11k+ archived customers (including IP addresses, email addresses, names, temporary access codes, hashed and salted passwords) credentials and information on 21k+ active…
Australia: 13,000+ User Accounts Leaked From Fairfax Media Because…. SQLi
I knew if I waited a day, Lee Johnstone would analyze the data and make some sense of it for us. 🙂 RiskBasedSecurity reports: It’s become cliche for news articles about data breaches to begin with: “hardly a day goes by without a new headline announcing yet another data breach”. Today, RBS’ researchers discovered that…
Utah man accused of hacking United Airlines
Meredith Cunningham reports: New details have come to light regarding the 2012 incident where a hacker was able to steal travel vouchers from the United Airlines website, then turn around and sell them for a profit. Ammon Cunningham from Saratoga Springs, Utah, is believed to be the culprit. The case affidavit claims that Cunningham emailed…