Joseph Menn reports that according to the FBI, cyberhackers were able to directly drain $40 million from bank accounts so far this year, “primarily targeting the small and mid-sized businesses that are themselves customers of small and mid-sized banks.” Jeffrey Troy, chief of the FBI’s cybercrime section, told the Financial Times that online bank thefts…
Category: Breach Incidents
Two Official Kaspersky Websites Hacked
Lucian Constantin reports: A grey hat hacker has found a critical SQL injection weakness on the official Kaspersky Lab websites in Malaysia and Singapore. Exploiting the vulnerability leads to full compromise of the underlying database, which contains customer information, product keys and other sensitive data. The attack has been documented by a Romanian hacker calling…
Businesses still plagued by data breaches
An article by Jackie Noblett includes references to some recent breach notifications affecting Massachusetts residents that I do not recall ever seeing covered in the media: Three separate breaches at State Street Corp. affecting 42 Massachusetts residents involved State Street employees accidentally sending personal information of a customer to the wrong client or financial adviser…
Microsoft and Danger to blame for Sidekick data loss – lawsuit
Courthouse News has uploaded a copy of a class action lawsuit against Microsoft and Danger Inc. The complaint, filed by Terrence and Katie Teraszcka, Adam Beckelman, and Michael Guerrero in Cook County Court on November 17th, alleges that the defendants negligently failed to back up data before a network upgrade, resulting in Sidekick users losing…
Update: Notre Dame U. breach affected 24,000 (updated)
As an update on a Notre Dame University breach involving exposure of personal information including SSN on the web, Sarah Mervosh of The Observer reports that 24,000 individuals, mostly employees but some students who worked for the university, were affected by the incident. Reactions to the university’s handling of the breach and notification varied, depending…
T-Mobile data scam detected a year ago
Chris Williams reports: The Information Commissioner’s Office (ICO) has been investigating the theft and sale of T-Mobile customers’ personal data for almost a year, it has emerged. News of the security breach, which saw rogue staff at the mobile operator divulge contract details to cold-calling marketeers, was only released to customers last month. According to…