John Russell reports that a number of Snapchat’s current and former employees had their payroll information stolen after an employee fell for what has become a common attack known as BEC (Business Email Compromise). In BEC, a scammer poses as a corporate executive and sends an email requesting payroll or customer data. “Last Friday, Snapchat’s payroll department was targeted by an…
Category: Business Sector
Some Time Warner Business Class customer data hacked and dumped by TeaMp0isoN
It looks like TeaMp0isoN’s been busy again. This time it’s the Time Warner Cable Business Class Managed Security Solutions portal that got hacked with the following defacement left as a message: The @TeaMp0sioN Twitter account announced the breach by Pseudo, Militis, Jimmy, and MLT on Sunday afternoon, followed shortly by a data dump consisting of 4,191 records containing…
UK: IS hackers attack solar energy firm
BBC reports: Hackers supporting the Islamic State group launched an attack on a small solar energy company in Sussex with just 11 members of staff. The so-called Caliphate Cyber Army (CCA) said it took down the Solar UK site in revenge for a drone strike which killed Junaid Hussain, a British hacker in Syria. It later…
uKnowKids updates its breach report and answers a question I posed
There’s an update to uKnowKids’ breach disclosure, here. They assert that their analysis shows only one IP address – presumably researcher Chris Vickery’s – downloaded any data from their misconfigured database. They do not name the provider responsible for security the database. According to their statement, the misconfigured instance of the database occurred on December…
FTC Says Listen Up When Vulnerability Reports Come In
James Denvil and Paul Otto of Hogan Lovells write: The FTC wants companies to listen. More precisely, the FTC wants companies to pay attention to and promptly to respond to reports of security vulnerabilities. That’s a key takeaway from the Commission’s recent settlement with ASUSTek (“ASUS”). In its complaint against the Taiwanese router manufacturer, the FTC alleged that ASUS…
Computer hacker extradited from Cyprus to Pittsburgh to face charges
First they caught the botnet administrator in Cyprus. Then they extradited him to Pittsburgh. Andrew Conte reports: Andrey Ghinkul, of Moldova, is scheduled to appear at 2 p.m. at the U.S. Courthouse, Downtown. He plans to plead not guilty, his lawyer, Arkady Bukh of New York City, told the Tribune-Review. Ghinkul will be represented by a public defender…