The California-based Interstitial Cystitis Network is notifying customers of a breach after customers first alerted them that payment cards used on their site had been compromised. In a letter dated October 26, ICN writes that the ICN Mail Order Center (www.icnsales.com) was compromised during the period of April 6, 2015 and October 1, 2015; customers placing orders during…
Category: Business Sector
How Hackers Breached Two Gambling Payment Providers To Harvest ‘Millions’ Of Records ) (UPDATED)
Two breaches seemed small and innocuous at the time, but weren’t. A timely reminder why entities should notify even when they think risk is low. Thomas Fox-Brewster reports: In 2009 and 2010 two separate attacks hit widely-used online gambling payments processors Moneybookers and Neteller. Though they initially appeared innocuous, it now seems both attacks saw millions of…
TalkTalk and “Glubz” (updated)
For reasons that are too contorted or convoluted to fully explain, I’ve been keeping an eye on a number of Twitter accounts that I suspect include those arrested for the TalkTalk breach. But Brian Krebs dug deeper, and gives a master class on identifying “Glubz” (@Fearful). [material deleted, Jan. 4, 2018] Update: As TalkTalk continues to…
TalkTalk offers customer £30.20 ‘final settlement’ after crims nick £3,500
TalkTalk is really turning out to be the poster child for how not to handle a breach. In today’s installment of “Lollipops are Adequate Mitigation, Right?” Alexander J. Martin reports: TalkTalk is trying and failing to mend its broken customer relationships following the recent mega breach, in one case offering an individual who had £3,500 stolen…
AU: SpinTel breaches privacy of 400 customers
Corinne Reichert reports: The Australian Communications and Media Authority (ACMA) has directed telecommunications provider SpinTel to comply with the IPND Industry Code after breaching the privacy of more than 400 customers. SpinTel, a mobile virtual network operator (MVNO) that resells Optus’ 4G and 3G networks for mobile services, and provides home phone and broadband connectivity…
ZA: Crystal Web suffers ADSL security breach
MyBroadband reports: Crystal Web suffered a security breach recently, after DSL subscribers’ username and password information was exposed via an online customer portal. Crystal Web CEO Shaun Kaplan said the “old DSL username and password list” was intended for admins and developers to test portal connectivity with. “This list did not contain any identifiable information of…