The HackersBlog crew, who had previously exposed vulnerabilities in a number of security vendor sites and a social networking site, now reports that they were able to exploit an SQL injection vulnerability to access The Telegraph‘s databases, including one that has 700,000 email addresses and passwords of those receiving the paper’s newsletter. Given how many…
Category: Business Sector
A bug in Google Docs leads to unintended file sharing
Richard de Vries explains on Slashdot: I work for a small Dutch company that uses Google Apps. This means that we can share documents with users within our domain (www.deondernemers.nl), as well as @gmail.com accounts or other Apps-domains. About three weeks ago, we discovered that some fifteen documents and spreadsheets were unintentionally shared with a…
IN: Hotel discards unshredded customer records in dumpster
Liza Danver of WISH-TV in Indiana reports that the Homestead Studio Suites hotel in Indianapolis dumped unshredded hotel guest records into their dumpster, where they were noticed by a guest who contacted the news team. The records appeared to be several years’ old, and included names, home addresses, phone numbers, e-mail addresses, and yes, complete…
Rental Research Services, Inc. settles FTC charges that it sold credit reports to ID thieves
Rental Research Services, Inc. , a consumer reporting agency, and its principal, Lee Mikkelson, settled FTC charges that they failed to properly screen prospective customers and sold at least 318 credit reports to identity thieves. Under the settlement, the company and its principal must ensure that they provide credit reports only to legitimate businesses for…
AU: Bank confirms credit card fraud from Bottle Domains hack
On February 10, the Australian Domain Name Administrator (AuDA) reported that it had been notified by the Australian Federal Police (AFP) of a security incident involving domain registrar Bottle Domains. Another report at the time can be found here. Now eCommerce Report is reporting that one bank has confirmed fraud on some of the credit-cards…
Bits ‘n Pieces
In the justice system: John Shiefer, the Los Angeles computer security consultant who turned thousands of computers into zombies, was sentenced to four years in prison. More. Four Arizona men accused of spending more than $1 million using stolen credit cards are being held in a Maricopa County jail; they allegedly obtained the card numbers…