Phillip Molnar reports on yet another breach of employee W-2 data via phishing: The tax and revenue information for roughly 14,000 employees of the third-largest parking company in the nation, which operates in San Diego and Los Angeles, may have been stolen by an “unknown individual,” the company says. LAZ Parking said Tuesday that the…
Category: Breach Incidents
Yet more phishing-based compromises involving W-2 tax statement data (Update-24)
(Note: the following is not a complete list… it’s just a list I started after the first few posts on this topic suggested that there would be a lot more. See the “phishing” category of this site for earlier entries this year.) Reports continue to come in to state attorneys general involving the successful spear phishing…
GhostShell, On the Record – Why did he really disappear in 2013?
This post is part of an extended interview conducted by DataBreaches.net and CyberWarNews.info with the hacker formerly known as “GhostShell.” In a March, 2013 interview with Eduoard Kovacs, GhostShell was asked whether he was taking a break from hacking and whether it was because of law enforcement. GS answered him at the time: I’m taking…
So you found some records in the street? Now what do you do?
Sometimes people who find documents with personal information don’t know to whom to return them. Other times, they may know, but refuse to return them or stall in returning them. And yet others may decide to go to the media. Why people make the choices they make is beyond the scope of this blog, but…
Malware suspected in Bangladesh bank heist: officials
Serajul Quadir reports: Investigators suspect unknown hackers installed malware in the Bangladesh central bank’s computer systems and watched, probably for weeks, for how to go about withdrawing money from its U.S. account, two bank officials briefed on the matter said on Friday. More than a month after hackers breached Bangladesh Bank’s systems and attempted to…
HawkingTech.com compromised – again
Well, I emailed Hawking Technology (HawkingTech.com) on March 8 and again on March 10, and they never replied, but because some of their data have been publicly dumped, I may as well post this. There were over 25,000 rows with fields for username, password, and email address in the data dump. The passwords were MD5 and easily cracked, including…