Dan Goodin reports: When the Ashley Madison hackers leaked close to 100 gigabytes’ worth of sensitive documents belonging to the online dating service for people cheating on their romantic partners, there seemed to be one saving grace. User passwords were cryptographically protected using bcrypt, an algorithm so slow and computationally demanding it would literally take centuries…
Category: Hack
NY: Hack of Health Insurer Excellus May Have Exposed 10M Personal Records
AP reports: A health insurer in western New York and affiliates said Wednesday that their computers were targeted last month in a cyberattack that may have provided unauthorized access to more than 10 million personal records. Excellus BlueCross BlueShield, headquartered in Rochester, and Lifetime Healthcare Companies said they’re offering affected individuals in upstate New York…
Records: Energy Department struck repeatedly – and successfully – by cyber attacks
Steve Reilly reports: Cyber attackers successfully compromised the security of U.S. Department of Energy computer systems more than 150 times between 2010 and 2014, according to a review of federal records obtained by USA TODAY. Incident reports submitted by federal officials and contractors since late 2010 to the Energy Department’s Joint Cybersecurity Coordination Center shows a near-consistent…
Pentagon food court computers hacked, exposing employees’ bank information
Jacqueline Klimas reports: Hackers infiltrated the Pentagon food court’s computer system, compromising the bank data of an unknown number of employees. Lt. Col. Tom Crosson, a Defense Department spokesman, said on Tuesday that employees were notified that hackers may have stolen bank account information from people who paid for concessions at the Pentagon with a…
Credentials stored in Ashley Madison’s source code might have helped attackers
Lucian Constantin reports that ongoing examination of the AshleyMadison source code data dump contains evidence that ALM was er…. sloppy: … A London-based security consultant named Gabor Szathmari has now found evidence that ALM’s developers were careless with sensitive credentials, which might have helped attackers once they gained a foothold on the company’s network. In the…
Article: The Good Hacker: A Look at the Role of Hacktivism in Democracy
Ben Monarch, a University of Kentucky College of Law student, has an article that he has uploaded to SSRN that calls for amendments to the Computer Fraud and Abuse Act (CFAA) to recognize hacktivism as a defense. Monarch argues that the U.S. “application of the CFAA and (attempted) simultaneous adherence to Article 19 of the International Covenant on…