Sophie Curtis reports: A SQL injection flaw on a social networking app developer site has compromised the security of users and could lead to identity theft A SQL injection flaw has been discovered in Rockyou.com – a social networking application development website used by app developers for Bebo, Facebook and Myspace. The flaw could have…
Category: Breach Incidents
Dollar Tree hacked over weekend, business as usual on Monday
Bryan Baker of WRDW in Georgia reports that Dollar Tree in North Augusta was hacked over the weekend: Employees say someone hacked into the store’s computers, potentially exposing sensitive customer information. North Augusta Public Safety says so far there have been no identity theft complaints from Dollar Tree customers. The store agreed, telling News 12…
HSBC Heist Includes Data on 130,000 Clients Worldwide, JDD Says
Le Journal du Dimanche (JDD) reports that the data stolen from HSBC in Geneva includes information on 130,000 clients from around the world, according to a story in Bloomberg News that cites the paper and a French prosecutor, Eric de Montgolfier. A former employee at the Swiss bank leaked the information to de Montgolfier, who…
Bank firewalls cracked by cyberhackers
Joseph Menn reports that according to the FBI, cyberhackers were able to directly drain $40 million from bank accounts so far this year, “primarily targeting the small and mid-sized businesses that are themselves customers of small and mid-sized banks.” Jeffrey Troy, chief of the FBI’s cybercrime section, told the Financial Times that online bank thefts…
Two Official Kaspersky Websites Hacked
Lucian Constantin reports: A grey hat hacker has found a critical SQL injection weakness on the official Kaspersky Lab websites in Malaysia and Singapore. Exploiting the vulnerability leads to full compromise of the underlying database, which contains customer information, product keys and other sensitive data. The attack has been documented by a Romanian hacker calling…
Businesses still plagued by data breaches
An article by Jackie Noblett includes references to some recent breach notifications affecting Massachusetts residents that I do not recall ever seeing covered in the media: Three separate breaches at State Street Corp. affecting 42 Massachusetts residents involved State Street employees accidentally sending personal information of a customer to the wrong client or financial adviser…