Without fanfare, the ICO has published an undertaking signed by Holroyd Howe Independent Ltd in Reading. The gist of the breach is that in response to a request for a copy of an ex-employee’s payslip (requested by the ex-employee), the data processor mailed a document disclosing the relevant month’s payslips for all of the contract catering firm’s…
Category: Business Sector
AU: Hackers hit Telstra site (updated)
Ben Grubb reports: Telstra has been hit by a “hacking attack” affecting 35,000 customers, just a week after one of its IT staff told a security conference the telco was reviewing how it secured and stored customer information. The hacking attack occurred on the servers of a third party company that runs Telstra BigPond’s GameArena and Games Shop websites, the telco…
MilitarySingles.com breach back in the news
It looks like the MilitarySingles.com breach is back in the news. Yes, that would be the hack that they denied happened. The newest round of reports flows from a report by Imperva, dissecting the breach. John E. Dunn of Techworld, ITProPortal, and Anne Saita of ThreatPost cover the report and the risks consumer-created content pose for the…
Extensive identity theft operation exposed
Melissa Cutler reports: A California man with North Texas ties is behind bars for drug possession. He was also in a downtown Dallas hotel room that appeared to be the center of an extensive identity theft operation. On Monday Dallas police arrested 26-year-old Justin Bennett. His last known address is in Los Angeles but records…
WHMCS victim of social engineering; over 500,000 client records stolen, deleted from server, and dumped publicly
Why hack when you can socially engineer employees into giving you the keys to the kingdom? Client management billing platform WHMCS reports that hacker group UGNazi successfully socially engineered their web hosting firm into providing the hackers with admin credentials. The hackers then proceeded to acquire their data, delete it, and dump it. The attack…
AU: Fish, chips, and a side order of card fraud
Ben Grubb reports that the number of data breaches in Australia is at least double what is reported to the government because there is no mandatory breach notification law. And not surprisingly, many of the breached entities are small businesses. Read more on Sydney Morning Herald.