Mark Duell reports: British Airways was today accused of trying to limit a potential £3billion payout over the data breach that saw cyber-hackers steal more than 500,000 customers’ details. The airline has applied to launch its own class action for victims of the hack – but with the condition that claimants must join within just…
Category: Business Sector
Credit card data from Russell Stover breach shows up for sale on the dark web
In an August 30th press release, posted previously on DataBreaches.net, chocolatier Russell Stover disclosed that point-of-sale (POS) terminals in their retail stores appeared to have been compromised by malware. Online customers were reportedly not at risk, but based on its investigation up until that date, they believed that the attacker may have been able to…
AU: Tech start-up investigating ‘potential data leak’ on online ticketing platform
Ben Nielsen and Rebecca Puddy report: An online ticketing company has moved quickly to fix a “potential data leak” after a university student claimed the personal details of thousands of people had been revealed. In a statement posted on its website, Get said it had “immediately acted” following reports of a “potential vulnerability” in its…
LinkedIn Can’t Block Analytics Company From Scraping Profiles
Wendy Davis reports: LinkedIn can’t rely on a 33-year-old anti-hacking law to prevent prevent the analytics firm HiQ Labs from mining data, a federal appellate court ruled Monday. The ruling, issued by a three-judge panel of the 9th Circuit Court of Appeals, leaves in place an injunction that requires LinkedIn to allow publicly available data…
Security breach on Pepperfry exposes details of users; now plugged
Pranav Hegde reports: A major security flaw was detected on online furniture store Pepperfry’s website, which could have allowed users to sign in to another registered user’s account. Pepperfry has claimed that the bug was fixed within an hour of being detected. Security researcher Ehraz Ahmed found the bug on Pepperfry’s website, which could have…
Monster.com says a third party exposed user data but didn’t tell anyone
Zack Whittaker reports: An exposed web server storing résumés of job seekers — including from recruitment site Monster — has been found online. The server contained résumés and CVs for job applicants spanning 2014 and 2017, many of which included private information like phone numbers and home addresses, but also email addresses and a person’s…