Christine MacDonald reports on two breaches in the Detroit area: Police are investigating two incidents in which patients’ medical records — including social security numbers — were stolen from the city’s health department. The first theft occurred in late October when a flash drive was stolen from a health department employee’s car. It contained files…
Category: Breach Incidents
Personal Data At Risk After SQL Flaw Discovered
Sophie Curtis reports: A SQL injection flaw on a social networking app developer site has compromised the security of users and could lead to identity theft A SQL injection flaw has been discovered in Rockyou.com – a social networking application development website used by app developers for Bebo, Facebook and Myspace. The flaw could have…
Dollar Tree hacked over weekend, business as usual on Monday
Bryan Baker of WRDW in Georgia reports that Dollar Tree in North Augusta was hacked over the weekend: Employees say someone hacked into the store’s computers, potentially exposing sensitive customer information. North Augusta Public Safety says so far there have been no identity theft complaints from Dollar Tree customers. The store agreed, telling News 12…
HSBC Heist Includes Data on 130,000 Clients Worldwide, JDD Says
Le Journal du Dimanche (JDD) reports that the data stolen from HSBC in Geneva includes information on 130,000 clients from around the world, according to a story in Bloomberg News that cites the paper and a French prosecutor, Eric de Montgolfier. A former employee at the Swiss bank leaked the information to de Montgolfier, who…
Bank firewalls cracked by cyberhackers
Joseph Menn reports that according to the FBI, cyberhackers were able to directly drain $40 million from bank accounts so far this year, “primarily targeting the small and mid-sized businesses that are themselves customers of small and mid-sized banks.” Jeffrey Troy, chief of the FBI’s cybercrime section, told the Financial Times that online bank thefts…
Two Official Kaspersky Websites Hacked
Lucian Constantin reports: A grey hat hacker has found a critical SQL injection weakness on the official Kaspersky Lab websites in Malaysia and Singapore. Exploiting the vulnerability leads to full compromise of the underlying database, which contains customer information, product keys and other sensitive data. The attack has been documented by a Romanian hacker calling…