Another insider breach: GCI is sending letters to about 400 customers and urging them to check their accounts for any unusual activity. The letters follow the discovery that a former customer telephone service representative may have misused customer-supplied credit card or bank account payment information. Read more on Anchorage Daily News Correction: In an earlier…
Category: Business Sector
UK: Contract catering firm signs undertaking to improve data protection
Without fanfare, the ICO has published an undertaking signed by Holroyd Howe Independent Ltd in Reading. The gist of the breach is that in response to a request for a copy of an ex-employee’s payslip (requested by the ex-employee), the data processor mailed a document disclosing the relevant month’s payslips for all of the contract catering firm’s…
AU: Hackers hit Telstra site (updated)
Ben Grubb reports: Telstra has been hit by a “hacking attack” affecting 35,000 customers, just a week after one of its IT staff told a security conference the telco was reviewing how it secured and stored customer information. The hacking attack occurred on the servers of a third party company that runs Telstra BigPond’s GameArena and Games Shop websites, the telco…
MilitarySingles.com breach back in the news
It looks like the MilitarySingles.com breach is back in the news. Yes, that would be the hack that they denied happened. The newest round of reports flows from a report by Imperva, dissecting the breach. John E. Dunn of Techworld, ITProPortal, and Anne Saita of ThreatPost cover the report and the risks consumer-created content pose for the…
Extensive identity theft operation exposed
Melissa Cutler reports: A California man with North Texas ties is behind bars for drug possession. He was also in a downtown Dallas hotel room that appeared to be the center of an extensive identity theft operation. On Monday Dallas police arrested 26-year-old Justin Bennett. His last known address is in Los Angeles but records…
WHMCS victim of social engineering; over 500,000 client records stolen, deleted from server, and dumped publicly
Why hack when you can socially engineer employees into giving you the keys to the kingdom? Client management billing platform WHMCS reports that hacker group UGNazi successfully socially engineered their web hosting firm into providing the hackers with admin credentials. The hackers then proceeded to acquire their data, delete it, and dump it. The attack…