Amir Nasr reports: Two Republican senators on Friday pressed Yahoo Inc. Chief Executive Marissa Mayer about her company’s failure to answer questions about data breaches from 2013 and 2014. “Despite several inquiries by committee staff seeking information about the security of Yahoo! user accounts, company officials have thus far been unable to provide answers to many…
Category: Business Sector
Missouri Man Indicted for Stealing Public School Employees’ IDs and Filing Fraudulent Tax Returns in Their Names (Updated)
A federal grand jury sitting in St. Louis, Missouri, indicted a St. Louis resident on mail fraud and aggravated identity theft charges relating to a scheme to steal public school employees’ IDs and use them to file federal tax returns. According to the indictment returned on Feb. 1 and unsealed yesterday, Kevin K. Williams stole…
Clusters f**ked: Insecure Hadoop file systems wiped by miscreants
Thomas Claburn reports: Administrators of Hadoop Distributed File System (HDFS) clusters have evidently not heeded warnings that surfaced last month about securing software with insecure default settings. Attacks on Hadoop clusters have wiped the data of at least 165 installations, according to GDI Foundation security researchers Victor Gevers, Niall Merrigan, and Matt Bromiley. The trio report that…
Fast Food Chain Arby’s Acknowledges Breach at Hundreds of Locations
Brian Krebs reports: Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if I’d heard anything about a data breach at Arby’s fast-food restaurants. Asked about the rumors, Arby’s told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of…
Hacker steals 83,000 accounts from UPI news agency
Patrick O’Neill reports: A hacker is selling a database supposedly containing 83,000 compromised accounts from UPI.com, the website of the 110-year-old American news agency United Press International. After being contacted by CyberScoop, UPI alerted its entire email subscriber base Tuesday and removed login pages and entire sections of its website. Read more on CyberScoop.
Mag publisher Future stored your FileSilo passwords in plaintext. Then hackers hit
Shaun Nichols reports: UK magazine publisher Future’s FileSilo website has been raided by hackers, who have made off with, among other information, unencrypted user account passwords. FileSilo.co.uk is a website Future’s mag subscribers can log into to download materials, such as Photoshop templates and graphics, for tutorials published in its print titles. Future is responsible…