Ethan Wolff-Mann reports: Equifax used the word “admin” as both password and username for a portal that contained sensitive information, according to a class action lawsuit filed in federal court in the Northern District of Georgia. The lawsuit, filed in January, went viral on Twitter Friday after Buzzfeed reporter Jane Lytvynenko came across the detail. Read more…
Category: Hack
Blame uni’s lax security for data leak, says UM hacker
There’s more on the University of Malay breach noted yesterday. MalaysiaKini is reporting: MrX’, which claimed to be the hacker who yesterday dumped vast amounts of personal data belonging to University of Malaya (UM) staff, said the varsity is to blame for the data breach due to its lax online security. “Guess who? Security is…
Universiti Malaya: No data compromised in E-Pay portal hack
Angelin Yeoh and Christina Chin report: No data or information was compromised after the Universiti Malaya (UM) E-Pay Cashless Payment and Records portal was hacked, according to the university. The portal, which was inaccessible since late Thursday night after it was defaced with a message that included hashtags #NoRasis and #UndurVC, is expected to be…
Zappos data breach settlement: users get 10% store discount, lawyers get $1.6m
Long-time readers will remember the 2012 Zappos breach that impacted 24 million of their online customers. The breach and its resulting litigation have been covered on this site previously, including Zappos’s failure in March of this year to get the Supreme Court to hear their appeal of a Ninth Circuit decision that had allowed the…
No Kremlin Link Found to Russian Hacker Awaiting Extradition in Israel; One of Top 100 Hackers in the World?
Josh Breiner, Bar Peleg and Liza Rozovsky report: The U.S. Secret Service did not find any links between Russian hacker Aleksey Burkov and Russian intelligence, or any other government officials, the special agent who led the investigation, Erik Rasmussen, told Haaretz. Burkov’s name never came up in security contexts, or in Russian involvement in the…
Montgomery County Public Schools forces password reset after Naviance hacked
Update: It was a Maryland student who did it. Brad Shear forwarded a notice he received yesterday concerning a breach impacting students of the Montgomery County Public School District. The cover email, from Luana Zimmerman of college career service Naviance began: Due to a recent data security incident in Naviance that affected one of our…