Catalin Cimpanu reports: A Maryland consulting firm that handles political fundraisers for the Democratic Party has left fundraiser data and passwords to databases storing voter records exposed online via an unsecured network attached storage (NAS) device. The exposed data was found last week by Bob Diachenko, Director of Cyber Risk Research at Hacken, a cyber-security…
Category: Business Sector
Cathay Pacific flags data breach affecting 9.4 million passengers
Reuters reports: Cathay Pacific Airways said on Wednesday (Oct 24) that data of about 9.4 million passengers of Cathay and its unit Hong Kong Dragon Airlines had been accessed without authorisation. Cathay said 860,000 passport numbers, about 245,000 Hong Kong identity card numbers, 403 expired credit card numbers and 27 credit card numbers with no…
Update: TIO Networks notifies consumers of breach going back to 2014 or earlier
TIO Networks USA was acquired by PayPal in July, 2017. Months later, they reported, services were suspended after discovery of vulnerabilities. Investigation into those vulnerabilities resulted in TIO having to report that it had been hacked by 2014 and possibly earlier. According to information provided in December, 2017, 1.6 million consumers were affected. From their…
ZA: Internet Solutions warns of security breach
Jan Vermeulen reports: Internet Solutions (IS) has confirmed that its internal monitoring systems have detected “irregular activity” on some of its virtual services. This comes after the company sent a notice to clients to warn them about a breach – and urged them to change their passwords and take additional steps to secure their servers….
$50 million settlement in Yahoo security breach
Michael Liedtke reports: Yahoo has agreed to pay $50 million in damages and provide two years of free credit-monitoring services to 200 million people whose email addresses and other personal information were stolen as part of the biggest security breach in history. The restitution hinges on federal court approval of a settlement filed late Monday…
Saudi Arabia’s ‘Davos in the Desert’ website was hacked and defaced
Zack Whittaker reports: The website of the Saudi government’s upcoming Future Investment Initiative conference was hacked and defaced with images of the murdered Saudi journalist Jamal Khashoggi. Several reporters tweeted screenshots of the site after its defacement, purporting to show Saudi crown prince Mohammed bin Salman — the kingdom’s de facto ruler — brandishing a sword….