Email sent to Cerebus App users today (confirmed by Cerebus): Hi [username], Our Security Team recently discovered and blocked suspicious activity on Cerberus servers. The investigation found no evidence that your account was in any way accessed or compromised. However, the attacker(s) were able to gain access to usernames and encrypted passwords for a subset of…
Category: Breach Incidents
Michaels Stores: two months later, no update?
On January 25, Michaels Stores issued a statement that began: Michaels Stores, Inc. (the “Company” or “Michaels”) recently learned of possible fraudulent activity on some U.S. payment cards that had been used at Michaels, suggesting that the Company may have experienced a data security attack. The Company is working closely with federal law enforcement and is conducting an…
Law firm notifies employees after vendor’s server accessed
So here’s another case where a vendor’s database was accessed by someone who was able to acquire a client’s login credentials: The international law firm of McKenna Long & Aldridge notified the Maryland Attorney General’s Office on February 26 that 441 current and former employees’ W-2 information and other information were involved: As a result…
Computer theft at Greenleaf Book Group
A janitor is suspected of being responsible for the theft of five desktop computers and laptops from the Austin, Texas office of Greenleaf Book Group (GBG). The theft was discovered on January 18. At least one of the computers held current and past customer and vendor information including names, email addresses, credit card information, and in…
Payroll processor hack affects at least two clients’ employees
The breach at payroll processor BenefitMall (formerly Compupay) that affected Kenerson Associates also affected the Tribeca Film Institute, according to this notification to the Maryland Attorney General’s Office and to affected employees. If anyone sees other notifications from other affected clients, please let me know and I’ll add them here.
UK: Morrisons supermarket suffers major payroll data breach (Updated)
John E. Dunn reports: British supermarket Morrisons has reportedly suffered a major data breach which saw the pay-roll data of an unknown number of its 100,000 staff stolen and published on a website. In an email sent to staff and later seen by TV media, the attack was said to have involved the theft of…