Brian Krebs writes: On Monday, KrebsOnSecurity notified the Municipal Bond Insurance Association — the nation’s largest bond insurer — that a misconfiguration in a company Web server had exposed countless customer account numbers, balances and other sensitive data. Much of the information had been indexed by search engines, including a page listing administrative credentials that attackers could use to…
Category: Business Sector
Update to AT&T insider breach
Mainstream media has now caught up with the AT&T insider breach I reported on October 3. Reuters reports that 1,600 customers have been notified of the potential compromise of their information.
Why would you let people register their information on your site if you suspect you’ve been hacked?
“WhoComplies” sends along word of his frustrating experience dealing with his child’s apartment complex in California. The complex is owned and operated by Essex Property Trust. Essex is a real estate investment trust (REIT) that acquires, develops, redevelops, and manages 140 multifamily apartment communities in California and Washington. To make monthly rent payments, WhoComplies decided to…
UK: Housing association publishes thousands of tenants’ private details in online data breach
Max Salisbury reports: A Midlands-based housing association has been slammed after it somehow managed to publish the private and intimate details of thousands of its tenants online. South Staffordshire Housing Association (SSHA) published residents’ names, telephone numbers, addresses, family affairs and health details on the ‘Contact Us’ page of its website. Though the private data…
Yahoo Says No Data Stolen in Shellshock Hack
Chris Strohm reports: Yahoo! Inc.’s computer servers were breached by hackers exploiting the Shellshock security hole, although no user data was compromised, the company said in a statement. “Last night, we isolated a handful of our impacted servers and at this time we have no evidence of a compromise to user data,” according to the…
Five indicted in Saks Fifth Avenue customer info theft scheme
Following up on a previously noted breach, five people have been indicted in the acquisition and misuse of nearly two dozen Saks Fifth Avenue customers’ information.