Dylan Tweney reports: An Amazon.com security flaw allows some customers to log in with variations of their actual password that are close to, but not exactly, their real password. The flaw lets Amazon accept as valid some passwords that have extra characters added on after the 8th character, and also makes the password case-insensitive. For…
Category: Business Sector
2011: The Year of Epic Hacking
Darlene Storm has an interesting recap of some breaches in the first month of 2011 that includes a breach this blog didn’t even know about. Specifically: In India, Domino’s Pizza database of online ordering customers was hacked. It sent a letter to customers, alerting them of the breach, yet the company sort of blew it off…
Was a package of W-2’s shipped by Ceridian via FedEx tampered with? Ember Corp. prudently decides not to take chances.
Boston-based Ember Corporation is notifying 50 current and former employees of a possible breach after a package shipped by its payroll provider, Ceridian, via FedEx appeared to have been tampered with during shipment. In a notification to the New Hampshire Attorney General’s Office, Ember’s counsel indicated that the package arrived on January 10 but two…
Hamilton Beach e-commerce sites compromised; customers notified
J. Press wasn’t the only company reporting a server breach that occurred on or about January 5. Hamilton Beach has also notified the New Hampshire Attorney General’s Office of a breach that occurred on January 5. The company reports that they discovered some “hacker code” had been inserted on a dedicated server that hosts www.hamiltonbeach.com…
J. Press notifies online customers of database compromise
J. Press, a company that sells clothes online for students at Ivy League colleges, has notified the New Hampshire Attorney General’s Office that its web site, jpressonline.com, was compromised on or about January 5. The intrusion reportedly resulted in access to and/or acquisition of customer names, addresses, order information and credit card information for orders…
Stolen KBR laptop “may have” contained employee and contractor personal info
A stolen laptop with employee and contractor information belonging to Houston-based engineering and construction firm KBR was reported to the New Hampshire Attorney General’s Office on January 21. The date of theft was not mentioned, nor were the total number of individuals who had their names, dates of birth, addresses, Social Security Numbers and Employee ID…