Update: One day later, the story of the OpticsML breach got much worse when Bob Diachenko found a second exposure involving the vendor. Read about it here. Original post: Zack Whittaker reports on a leak discovered by Bob Diachenko of Security Discovery: A trove of more than 24 million financial and banking documents, representing tens…
Category: Business Sector
Class action settlement reached in Sonic data breach case
There’s been a settlement reached in a Sonic breach first reported by KrebsOnSecurity in 2017. KFOR reports that the settlement notice includes a statement: “The Settlement includes all residents of the United States of America who made a purchase at any one of the 325 impacted Sonic Drive-In locations and paid using a credit or…
Why doesn’t Twitter have a way to notify them of leaks or concerns outside of a bug bounty program?
L33tdawg writes: Twitter has owned up to a privacy goof that exposed some Android users’ private tweets. That would be bad enough if the problem existed for an hour, or a day, or a month. But unfortunately for Twitter (and affected users) the problem was present from November 3 2014 until January 14 2019. That’s…
Graeter’s: Website breach could compromise 12,000 customers’ credit card data
WLWT reports: Cincinnati-based Graeter’s ice cream has issued notices to thousands of customers: Your credit card information may be compromised. The ice cream chain sent out 12,000 notices to customers who made purchases on Graeter’s website last year, saying that an “unauthorized code” was added to the website’s checkout page. As a result, thousands of…
Google hit with €50m fine by CNIL for data privacy breach
The Irish Times reports: Google has been fined €50 million for breaking EU privacy laws in the first case of a US tech giant being caught under Europe’s tough new data protection rules. France’s data protection office (CNIL) found the US search engine guilty of breaking EU privacy laws by failing to obtain adequate consent…
South Africans’ airtime and data stolen through malicious smartphone app
Jamie McKane reports: Mobile technology company Upstream announced earlier this month that it had detected a suspicious weather forecast application which was pre-installed on Alcatel smartphones. The company’s security platform, Secure-D, detected suspicious activity initiated by this application across multiple countries – most notably in Brazil and Malaysia, although South Africa was also affected. The…