Brian Krebs reports: Last week, I learned about a vulnerability that exposed all 866 million account credentials harvested by pwnedlist.com, a service designed to help companies track public password breaches that may create security problems for their users. The vulnerability has since been fixed, but this simple security flaw may have inadvertently exacerbated countless breaches by preserving the data lost in them…
Category: Business Sector
Federal contractor with cybersecurity ties notifies employees after W-2 info acquired by targeted phishing
I’ve continued to add entities to my list of firms or entities where employee W-2 information was successfully phished by emails purporting to be from an entity’s executive. One notification I read this morning made me cringe because the firm that was successfully phished has contracts with the government involving mission critical systems for U.S. and coalition…
Some Users of InnerChef Had Info Hacked and Leaked
Siriam Sharma reports: An anonymous hacker has been able to infiltrate food delivery startup InnerChef‘s servers, and has leaked a partial list of names, phone numbers, and email addresses used at registration to demonstrate the exploit. Gadgets 360 confirmed the data breach by calling and verifying three of the phone numbers provided in the list…
Millions of User Accounts for Streaming App ’17’ Hacked and Up for Sale
Joseph Cox reports: A hacker is advertising a cache of email addresses, poorly secured passwords, phone numbers, and other information from users of photo sharing and video streaming app ’17’, which is particularly popular in Asia. The data is being sold on The Real Deal, a dark web market that specialises in stolen information and computer exploits. The data…
Protected: Accessing Movimiento Ciudadano’s database was as easy as 1, 2, 3
There is no excerpt because this is a protected post.
AU: Gumtree Australia notifies users of breach
As if he doesn’t have enough breaches to report on, Lee J. (@Cyber_War_News on Twitter) just received a breach notification letter from Gumtree Australia, an online classified ads site. Lee shared it on Pastebin: Dear Lee, We are writing to let you know that some of your Gumtree account information was compromised in a security attack…