Paul Ducklin writes: Data breaches are always bad news, and this one is peculiarly bad. Gentoo, a popular distribution of Linux, has had its GitHub repository hacked. Hacked, as in “totally pwned”, taken over, and modified; so far, no one seems to be sure quite how or why. That’s the bad news. Fortunately (we like…
Category: Business Sector
Adidas data-security breach could involve “a few million customers”
Kate Gibson reports: Adidas AG says data involving millions of customers may be in the hands of hackers following a possible security breach of its U.S. website, news that adds the athletic apparel company to a growing list of companies and institutions targeted in cyber attacks. Adidas on Thursday said it became aware of the…
Equifax Engineer Who Designed Breach Website Charged With Insider Trading
Catalin Cimpanu reports: The US Securities and Exchange Commission (SEC) has indicted a former Equifax engineer on charges of insider trading. According to court documents, Sudhakar Reddy Bonthu, 44, of Cumming, Georgia, worked for Equifax between September 2003 and March 2018. Starting September 2013, Bonthu worked as Production Development Manager of Software Engineering in Equifax’s…
Two Hackers Arrested for Hijacking Over 700,000 Online Accounts
Catalin Cimpanu reports: Russian police have arrested two teenage hackers for breaching, hijacking, and selling access to over 700,000 online accounts at Russian-based online stores, payment systems, and bookmaking/betting portals. Russian cyber-security firm Group-IB aided authorities with the investigation. A Group-IB spokesperson said the company first became aware of the two hackers in November 2015,…
Exchange Leak Puts $620K-Worth of Customer Crypto at Risk
Wolfie Zhao reports: A South Korea-based exchange has inadvertently leaked sensitive information about 19 of its users, potentially putting some $620,000 worth of cryptocurrency at risk. According to a report from CoinDesk Korea , an employee of Bitkoex, an exchange launched in May, posted information on how much of the Karma (KRM) cryptocurrency was held…
(UPDATED) Equifax Agrees to New Data Breach Safeguards in Consent Order With State Regulators
Dan M. Clark reports on six major actions Equifax agreed to take to settle eight states’ charges against them over the 2017 data breach. From his report, because I cannot find a copy of the actual consent decree online just yet: The company’s board members will have to review and approve a written risk assessment…