Melissa Locker reports: In 2012, 24 million Zappos customers found out that hackers had accessed their personal information. Since then, customers have fought to sue Zappos, Amazon’s online shoe retailer, over the data breach. Now, the U.S. Supreme Court has rejected an appeal, meaning they can move forward with a class-action lawsuit against the company for…
Category: Business Sector
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers
Kim Zetter reports: Researchers at cybersecurity firm Kaspersky Lab say that ASUS, one of the world’s largest computer makers, was used to unwittingly install a malicious backdoor on thousands of its customers’ computers last year after attackers compromised a server for the company’s live software update tool. The malicious file was signed with legitimate ASUS…
AU: Security researcher pleads guilty in GoGet case
There’s an update to a case previously noted on this site in January, 2018. Rohan Pearce reports: Illawarra-based security researcher Nikola Cubrilovic has pleaded guilty to charges related to unauthorised access to the GoGet service and will be sentenced in May. Cubrilovic was arrested in January 2018 and charged with allegedly accessing a database the car-sharing…
Kanopy privacy breach reveals which movies members have been streaming
On March 22, Simon Cohen reported: Free movie streaming site Kanopy has suffered a significant data leak, according to security researcher Justin Paine. Due to an unprotected web log database, which could be publicly accessed without authentication of any kind, Paine believes that the company has been leaking “roughly 26-40 million log lines per day beginning…
A family tracking app was leaking real-time location data
Zack Whittaker reports: A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password. The app, Family Locator, built by Australia-based software house React Apps, allows families to track each other in real-time, such as spouses or parents wanting…
Ransomware Forces Two Chemical Companies to Order ‘Hundreds of New Computers’
Lorenzo Franceschi-Bicchierai reports: A ransomware attack appears to have affected two American chemicals companies, Motherboard has learned. Hexion and Momentive, which make resins, silicones, and other materials, and are controlled by the same investment fund, were hit by the ransomware on March 12, according to a current employee. An internal email obtained by Motherboard and…