Jeremy Kirk reports: Online storage service Dropbox accidentally turned off password authentication for its 25 million users for four hours on Monday — although “much less than 1%” of those accounts were accessed during the period, the company said. It is still investigating whether any of those accounts were improperly accessed. Dropbox CTO Arash Ferdowsi wrote…
Category: Business Sector
Hackers claim 177K e-mails from Sony Pictures France
Erica Ogg reports: Sony’s turn as the whipping boy for Internet hackers continued over the weekend. Two hackers posted a list of e-mails they say they took from the Sony Pictures France Web site. The two hackers who claim responsibility are a Lebanese student who goes by the handle Idahc, and a French friend of his…
Sony Portugal latest to fall to hackers
On June 9, Chester Wisniewski wrote (but I missed): The same Lebanese hacker who targeted Sony Europe on Friday has now dumped a database from Sony Portugal. The hacker claims to be a grey hat, not a black hat, according to his post to pastebin.com. “I am not a black hat to dump all the…
Centaur website reveals guests’ personal info
Shilpa Phadnis reports: The Centaur Hotels’ website, centaurhotels.com, appears to have compromised personal information of its hotel guests, in what seems to be a case of poor internet security protocols implemented by the site. This allowed website visitors on Saturday to obtain and view details of passports, driving licences, pan numbers, credit cards, and other…
More details emerging on SEGA Pass hack
AFP has more on breach first disclosed by SEGA on Friday: Hackers have stolen the personal data of some 1.29 million customers of the Japanese game maker Sega, the company said on Sunday, in a theft via a website of its European unit. The Sega Pass website, operated by London-based Sega Europe, did not contain…
Man Charged With $1 Million Extortion Hack at ODesk
Robert McMillan has more on the oDesk breach/extortion attempt I mentioned yesterday on this blog. Significantly, Bob reports: On Friday, oDesk said no user information had been compromised by the hack. “We will continue to work with law enforcement to ensure that the person who unlawfully accessed our domain registry in 2009 is held accountable…