Joseph N. DiStefano reports: Wawa, the Delaware County-based convenience store and gas station chain, paid $10.7 million last year linked to a 2019 breach of its customer payment security systems. But now it wants that money back — and more. On Monday in federal court in New York, Wawa sued Mastercard, the giant payment-card network,…
Category: Business Sector
Sunwing president apologizes to stranded passengers, says outage result of cyberattack
Joshua Freeman reports that a Canadian airline’s flights were disrupted after an attack on the firm that provides its check-in system: “Obviously, this is a terrible situation and one that we didn’t expect,” Sunning CEO Mark Williams told CP24 in an interview. “Certainly apologize to everyone for the inconvenience this has caused. By Tuesday, it…
GitHub: Attacker breached dozens of orgs using stolen OAuth tokens
Sergiu Gatlan reports: GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories. Since this campaign was first spotted on April 12, 2022, the threat actor has already accessed and stolen data from dozens of victim organizations using Heroku and Travis-CI-maintained OAuth apps, including…
DHS investigators say they foiled cyberattack on undersea internet cable in Hawaii
Meanwhile, last week, AJ Vicens reported: Federal agents in Honolulu last week “disrupted” an apparent cyberattack on an unnamed telecommunication company’s servers associated with an underwater cable responsible for internet, cable service and cell connections in Hawaii and the region, the agency said in a statement Tuesday. Hawaii-based agents with Homeland Security Investigations, an arm…
McDonald’s is Informing its Costa Rica Customers About a Data Breach
Manikanta Immanni reports: McDonald’s faced an indirect data breach where a hacker accessed sensitive information belonging to its clients in the Costa Rica branch. The company later said that a service provider it hired has left its client data exposed, which was reportedly accessed by the hacker. […] How the hacker was able to access…
Kr: Source Music Fined 3 Million Won By PIPC For Accidentally Leaking Fans’ Personal Information
Soompi reports: Source Music has been ordered to pay a fine of 3 million won (approximately $2,438) by South Korea’s Personal Information Protection Commission (PIPC). Last year, after GFRIEND’s sudden disbandment, Source Music used a Google questionnaire in the process of refunding fan club membership fees. However, due to the questionnaire’s privacy settings being accidentally set to public,…