A reader kindly sent in this notification from Hammer Nutrition: NOTICE OF POTENTIAL DATA BREACH Dear Valued Customer, It is with deep regret that I am writing to inform you of an incident involving access to information associated with online purchases made on our website www.hammernutrition.com. We are providing notice to you and other potentially affected customers…
Category: Business Sector
NYS A.G. Underwood Announces Settlements With Five Companies Whose Mobile Apps Failed To Secure User Information Transmitted Over The Internet
Mobile Apps Operated by Western Union, Priceline, Equifax, Spark Networks, and Credit Sesame Suffered from Well-Known Security Vulnerability Program to Protect App Users’ Information Part of AG Initiative to Uncover Critical Security Vulnerabilities Before User Info is Stolen Companies Have Agreed to Implement Comprehensive Security NEW YORK – Attorney General Barbara D. Underwood today announced settlements…
Popular avatar app Boomoji exposed millions of users’ contact lists and location data
Zack Whittaker reports: Popular animated avatar creator app Boomoji, with more than five million users across the world, exposed the personal data of its entire user base after it failed to put passwords on two of its internet-facing databases. The China-based app developer left the ElasticSearch databases online without passwords — a U.S.-based database for its international…
AU: Thousands affected in ActewAGL and Icon Water mail-out privacy breach
Jasper Lindell reports: ActewAGL has confirmed 400 electricity, gas and water customers have received bundles of bills addressed to other utility customers in a massive privacy breach affecting 6000 customers in the ACT and NSW. ActewAGL notified the Privacy Commissioner of the breach after it became aware of the mistake on Wednesday and had set up…
ASI Computer Systems notifies customers after discovering support site compromise of login credentials
ASI Computers is notifying some of their customers after discovering on November 1, 2018 that usernames and passwords on a support web site had been hacked prior to December 2016. From their notification to California: ASI confirmed which credentials had been exposed by the following day, November 2, 2018. ASI determined the affected credentials related…
Ticketmaster tells customer it’s not at fault for site’s Magecart malware pwnage
From the maybe-if-we-just-say-it’s-not-our-fault? dept, Gareth Corfield reports: Ticketmaster is telling its customers that it wasn’t to blame for the infection of its site by a strain of the Magecart cred-stealing malware – despite embedding third-party Javascript into its payments page. In a letter to Reg reader Mark, lawyers for the controversy-struck event ticket sales website said that Ticketmaster “is…