Jennifer Bjorhus reports: The U.S. Secret Service has called the criminals behind Target Corp.’s monster security breach well-organized, “highly technical” and “sophisticated.” But cybersecurity firm McAfee Inc. said in a report out Monday that the heist was anything but exotic, describing the attack as a Breach 101 operation. The thieves used easily modified off-the-shelf malware, common methods…
Category: Business Sector
Telstra fined, warned after new privacy breach
Mitchell Bingemann reports: TELSTRA has been fined $10,200 and warned over privacy breaches after an information leak exposed almost 16,000 of its customers’ private data online. In a joint investigation by the federal Privacy Commissioner and the communications watchdog, Telstra was found to have breached the Privacy Act by exposing online the data of some…
Statista Says Around 50,000 Users Are Impacted by Data Breach
Eduard Kovacs reports: On Saturday, we learned that statistics company Statista suffered a data breach. The company has responded to my inquiry about the incident and provided additional details. It turns out that roughly 50,000 users are impacted by the data breach. The incident was discovered after spam emails started landing in email addresses that have…
Experian Lapse Allowed ID Theft Service Access to 200M Consumer Records – Krebs
Brian Krebs writes: In October 2013, KrebsOnSecurity published an exclusive story detailing how a Vietnamese man running an online identity theft service bought personal and financial records on Americans directly from a company owned by Experian, one of the three major U.S. credit bureaus. Today’s story looks deeper at the damage wrought in this colossal misstep by one…
The Timken Company notifying 5,000 associates after data exposed on insecure server
Ohio-based The Timken Company, a global steel and bearing manufacturer and supplier, is notifying current and former associates and job applicants of a data security breach that occurred on January 30 and was discovered February 19. The breach occurred when a file containing personal information was stored on a server normally used for interchange of non-confidential information…
Uncle Giuseppe’s Marketplace reports hacker accessed payment card data
Tom Incantalupo reports that Long Island-based Uncle Giuseppe’s Marketplace is notifying customers of three of its stores that hackers may have acquired payment card numbers and expiration dates – but not cardholder names, personal identification numbers, security codes, customer addresses or any other personal information. The retailer learned of the breach when they were contacted by a…