Dan Goodin reports: GitHub is experiencing an increase in user account hijackings that’s being fueled by a rash of automated login attempts from as many as 40,000 unique Internet addresses. The site for software development projects has already reset passwords for compromised accounts and banned frequently used weak passcodes, officials said in an advisory published Tuesday…
Category: Business Sector
Cupid Media Hack Exposed 42M Passwords
Brian Krebs reports: An intrusion at online dating service Cupid Media earlier this year exposed more than 42 million consumer records, including names, email addresses, unencrypted passwords and birthdays, according to information obtained by KrebsOnSecurity. The data stolen from Southport, Australia-based niche dating service Cupid Media was found on the same server where hackers had amassed tens…
vBulletin.com Hacked, Customer Data Stolen
Mathew J. Schwartz reports: Are all recent versions of the vBulletin online forum software vulnerable to a zero-day exploit that would give attackers full access to the targeted system? That’s the claim being made by European hacking group “Inj3ct0r Team,” which Thursday took to Facebook to take credit for recently hacking, not only Macrumors.com, but also vBulletin.com,…
Keyloggers found on 10 Nordstrom registers in Florida (update1)
Ten registers in Nordstrom stores in Aventura Florida reportedly were tampered with and had keyloggers attached.Video footage from security revealed that the criminals worked in groups to distract and install the keyloggers between August 14 and October 5, when Nordstrom discovered the problem. Nordstrom believes that some customer data may have been compromised, but all…
Experian reports yet another breach of its database via stolen or misused client login
No, it’s not one of the monster breaches that Brian Krebs reports on, but the kind of smaller breach I’ve been tabulating wherein Experian fails to adequately protect consumer credit reports from someone stealing or misusing a client’s login. In its most recent disclosure, dated November 8, Experian reported that individuals’ credit reports were accessed…
Clarity Media Group notifies current and former employees that stolen laptop held unencrypted PII
Clarity Media Group is notifying some current and former employees and employees of subsidiaries or Freedom Communications (the previous owner of the Colorado Springs Gazette) that their personal information, including Social Security numbers and 401(k) balance may have been on a laptop stolen from a subsidiary’s employee. You can read their notification here (pdf)