So TrustHCS hires Human Resource Advantage (“HR Advantage”) to provide employment resources support. HR Advantage stupidly (yes, I said stupidly) sends unencrypted employee information on a thumb drive via U.S. mail to TrustHCS. The information included names, Social Security numbers, dates of birth, bank account information, postal and email addresses, and any leave of absence…
Category: Business Sector
Bitcoin wallet service Coinbase denies security breach as user names posted online
Tim Hornyak reports: Bitcoin wallet service Coinbase has denied it suffered a security breach, but acknowledged that a list of some of its users has been circulating on the Web. “Despite speculation on a few forums, there has been no data breach of names or emails at Coinbase,” the service said in a blog post….
BBC confirms ‘data protection breach’
BBC reports: The BBC has said it is “urgently investigating” a breach of data protection by a former TV researcher. The researcher, employed by an independent production company, spent four days working on Monday’s Panorama. The show found that Lutfur Rahman, Tower Hamlets’ mayor, had increased funding to some Bengali-run charities. Opponents accused him of…
Hack of Boxee.tv exposes password data, messages for 158,000 users
Dan Goodin reports: Hackers posted names, e-mail addresses, message histories, and partially protected login credentials for more than 158,000 forum users of Boxee.tv, the Web-based television service that was acquired by Samsung last year, researchers said. The breach occurred no later than last week, when a full copy of the purloined forum data became widely available,…
Password bug let me see shoppers’ credit cards in eBay ProStores, claims infosec bod
John Leyden reports: A serious vulnerability that potentially allowed shoplifters to empty eBay ProStores shops and swipe customer credit cards has been fixed – according to the security researcher who says he found the hole. Mark Litchfield, an infosec pro at Securatary, told us he discovered a flaw in eBay-owned ProStores that not only opened the door…
Angry Birds developers downplay fresh data leak claims
John Leyden reports: The developers of Angry Birds have hit back at renewed allegations that the ultra-popular game leaks users’ personal information. Security vendor FireEye put out a detailed critique of Angry Birds last week claiming that the smartphone game leaked data like a sieve. […] Rovio, the Finnish firm behind Angry Birds, downplayed these concerns while adding that it was migrating…