Joseph Cox reports: A hacker on the dark web forum Hell claims to have sold the email addresses and plaintext passwords of over 27 million users of dating site Mate1.com. “Their server was compromised and the MySQL database was dumped,” the hacker, who asked to remain anonymous, told Motherboard. “I had shell/command access to their server.” Read…
Category: Business Sector
Snapchat “just impossibly sorry” after employee payroll data compromised in BEC scam
John Russell reports that a number of Snapchat’s current and former employees had their payroll information stolen after an employee fell for what has become a common attack known as BEC (Business Email Compromise). In BEC, a scammer poses as a corporate executive and sends an email requesting payroll or customer data. “Last Friday, Snapchat’s payroll department was targeted by an…
Some Time Warner Business Class customer data hacked and dumped by TeaMp0isoN
It looks like TeaMp0isoN’s been busy again. This time it’s the Time Warner Cable Business Class Managed Security Solutions portal that got hacked with the following defacement left as a message: The @TeaMp0sioN Twitter account announced the breach by Pseudo, Militis, Jimmy, and MLT on Sunday afternoon, followed shortly by a data dump consisting of 4,191 records containing…
UK: IS hackers attack solar energy firm
BBC reports: Hackers supporting the Islamic State group launched an attack on a small solar energy company in Sussex with just 11 members of staff. The so-called Caliphate Cyber Army (CCA) said it took down the Solar UK site in revenge for a drone strike which killed Junaid Hussain, a British hacker in Syria. It later…
uKnowKids updates its breach report and answers a question I posed
There’s an update to uKnowKids’ breach disclosure, here. They assert that their analysis shows only one IP address – presumably researcher Chris Vickery’s – downloaded any data from their misconfigured database. They do not name the provider responsible for security the database. According to their statement, the misconfigured instance of the database occurred on December…
FTC Says Listen Up When Vulnerability Reports Come In
James Denvil and Paul Otto of Hogan Lovells write: The FTC wants companies to listen. More precisely, the FTC wants companies to pay attention to and promptly to respond to reports of security vulnerabilities. That’s a key takeaway from the Commission’s recent settlement with ASUSTek (“ASUS”). In its complaint against the Taiwanese router manufacturer, the FTC alleged that ASUS…