Gareth Corfield reports: McDonald’s customers who won a prize draw competition got more than they hoped for after the burger chain emailed them login credentials for development and production databases used to power the campaign. The first person to report the blunder to McDonald’s, startup founder Connor Greig, told The Register: “It’s a bit weird,” adding…
Category: Business Sector
Hackers leak passwords for 500,000 Fortinet VPN accounts
Lawrence Abrams reports: A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid. Read more on BleepingComputer.
Data Breach Lawsuit Against Sonic Will Proceed
Sarah Coble reports: Litigation filed against American fast-food chain Sonic over a 2017 data breach has been allowed to proceed. Financial institutions brought a lawsuit against Sonic Corp after it emerged that financial data belonging to customers of the restaurant had been stolen in a cyber-attack. The attacker(s) installed malware on a point-of-sale system used at hundreds of Sonic franchises. Read…
Data breach at US restaurant and gambling chain Dotty’s may have leaked sensitive customer information
Jessica Haworth reports: A cyber-attack on US fast food and gambling chain Dotty’s has exposed the personal data of customers, the company has warned. Dotty’s, a fast food chain which offers gambling services across 175 locations, is owned and operated by Nevada Restaurant Services (NRS). Read more on The Daily Swig. DataBreaches.net had previously reported on Nevada…
Elon Musk’s top-secret ‘full self-driving’ AI car software leaked to hackers
Claran Daly reports: The software which enables certain Tesla cars to autonomously drive themselves has been leaked, enabling hackers outside of the USA to hit the streets hands-free. The software usually costs up to $10,000. Read more on The Daily Star. Does anyone else find this leak frightening?
PA: Penelec customers must reset passwords after security breach
WCED News reports: The parent company of Penelec and other electric companies in our state, the First Energy Corporation, is requiring all customers to reset their passwords due to a security breach. First Energy disabled the online accounts and asked customers to reset the passwords on Friday after detecting hackers making numerous unauthorized attempts to…