Catalin Cimpanu reports: Evite, a social planning and e-invitations service, and one of the biggest sites on the Internet, has officially admitted to a security breach that ZDNet first reported back in April. At the time, a hacker named Gnosticplayers put up for sale the customer data of six companies, including Evite. The hacker claimed…
Category: Business Sector
Two hacking groups responsible for huge spike in hacked Magento 2.x stores
Catalin Cimpanu reports: Two hacker groups are responsible for a huge spike in the number of hacked Magento 2.x shopping sites, according to Willem de Groot, founder of Sanguine Security. This is now the third month in a row when the number of hacked Magento 2.x sites has doubled, after it previously doubled from March…
CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures
From Hunton Andrews Kurth: On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates. Read more…
FIN8 hackers return after two years with attacks against hospitality sector
Catalin Cimpanu reports that researchers claim to have spotted evidence of ongoing and increasing FIN8 activity: But in a report published today, cyber-security firm Morphisec said it detected and stopped new FIN8 attacks aimed at companies in the hospitality industry. These new attacks leveraged the same malware the group had used in the past but…
UK: TalkTalk hacker Daniel Kelley sentenced to 4 years in jail
From the Crown Prosecution Service: A blackmailing hacker behind the TalkTalk cyber-attack – which cost the company £77million after the personal details of 157,000 customers were stolen – has today (10 June) been sentenced. Daniel Kelley, 22, admitted targeting at least six organisations by threatening to sell their hacked data on the ‘dark web’ unless…
CBP says traveler and license plate images were stolen in data breach
Zack Whittaker reports: U.S. Customs and Border Protection has confirmed a data breach has involved the photos of passengers traveling in and out of the United States. The photos were obtained from a subcontractor’s network through a “malicious cyberattack,” a CBP spokesperson told TechCrunch. The agency first learned of the breach on May 31. “CBP…