Clifford Lee reports A technical glitch led to the personal details, including the residential address, of a single Singtel customer to be revealed to other customers when they logged-in to their My Singtel mobile application on Monday night (Feb 29), sparking fears that more data had been compromised. Read more on Today.
Category: Business Sector
Hacker Claims to Have Sold 27M Mate1.com Passwords
Joseph Cox reports: A hacker on the dark web forum Hell claims to have sold the email addresses and plaintext passwords of over 27 million users of dating site Mate1.com. “Their server was compromised and the MySQL database was dumped,” the hacker, who asked to remain anonymous, told Motherboard. “I had shell/command access to their server.” Read…
Snapchat “just impossibly sorry” after employee payroll data compromised in BEC scam
John Russell reports that a number of Snapchat’s current and former employees had their payroll information stolen after an employee fell for what has become a common attack known as BEC (Business Email Compromise). In BEC, a scammer poses as a corporate executive and sends an email requesting payroll or customer data. “Last Friday, Snapchat’s payroll department was targeted by an…
Some Time Warner Business Class customer data hacked and dumped by TeaMp0isoN
It looks like TeaMp0isoN’s been busy again. This time it’s the Time Warner Cable Business Class Managed Security Solutions portal that got hacked with the following defacement left as a message: The @TeaMp0sioN Twitter account announced the breach by Pseudo, Militis, Jimmy, and MLT on Sunday afternoon, followed shortly by a data dump consisting of 4,191 records containing…
UK: IS hackers attack solar energy firm
BBC reports: Hackers supporting the Islamic State group launched an attack on a small solar energy company in Sussex with just 11 members of staff. The so-called Caliphate Cyber Army (CCA) said it took down the Solar UK site in revenge for a drone strike which killed Junaid Hussain, a British hacker in Syria. It later…
uKnowKids updates its breach report and answers a question I posed
There’s an update to uKnowKids’ breach disclosure, here. They assert that their analysis shows only one IP address – presumably researcher Chris Vickery’s – downloaded any data from their misconfigured database. They do not name the provider responsible for security the database. According to their statement, the misconfigured instance of the database occurred on December…