The Korea Herald reports: Another hacker suspected of orchestrating a cyberattack on a major South Korean securities firm has been indicted on charges of disrupting the company’s computer network, prosecutors said Wednesday. The Seoul Central District Prosecutors’ Office said the 39-year-old man, identified only by his surname Lee, is suspected of launching a distributed denial-of-service…
Category: Financial Sector
Danish Bank Leaves Server in Debug Mode, Exposes Sensitive Information in JavaScript Comments
Catalin Cimpanu reports: Dutch IT security expert Sijmen Ruwhof has found a pretty big blunder on the part of Danske Bank, Denmark’s biggest bank, which exposed sensitive user session information in the form of an encoded data dump, in their banking portal’s JavaScript files. Mr. Ruwhof started to research Danish banking policies out of curiosity,…
CT: Bank Employee Sentenced to 18 Months in Prison for Stealing More Than $100K from Customer Accounts
The bank was not identified in court documents. Do consumers want to know what bank so they can evaluate whether a bank has sufficient infosecurity checks in place to protect their money and accounts? Withholding the names of victim banks or businesses protects those entities, but does not serve consumers well. Deirdre M. Daly, United…
Scottrade Breach Hits 4.6 Million Customers (Updated)
Brian Krebs reports: Welcome to Day 2 of Cybersecurity (Breach) Awareness Month! Today’s awareness lesson is brought to you by retail brokerage firm Scottrade Inc., which just disclosed a breach involving contact information and possibly Social Security numbers on 4.6 million customers. In an email sent today to customers, St. Louis-based Scottrade said it recently heard…
Chase Can’t Dodge $10M Identity Theft Suit
Rose Bouboushian reports: Chase Bank must face identity theft claims for employees who let money launderers use a customer’s dormant accounts in a Medicare fraud scheme, the Second Circuit ruled Wednesday. Yelena Galper sued JP Morgan Chase Bank N.A. in New York state court in May 2013, claiming several of its employees accepted bribes to…
VacationRentPayment notifies customers whose account application information was hacked
YapStone (VacationRentPayments) is notifying some property managers and others who use their service to receive vacation rental payments that personal information in their account applications was compromised by unauthorized persons. In a letter dated September 11, YapStone CEO Thomas J. Villante writes that email and postal address, Social Security number, driver’s license number, date of birth, and bank…