Ashley Madison marketed itself as a “100% discreet service” for people seeking to have affairs — and bolstered that claim with a fabricated security trustmark — but the company behind the website had inadequate security safeguards and policies, an investigation following a massive data breach has concluded. “Privacy breaches are a core risk for any…
Category: Business Sector
Has your internet provider been compromised? Malicious insiders are helping cybercriminals hack telecoms firms
Danny Palmer reports: Be they disaffected insiders or victims of blackmail, staff at telecommunications firms are providing cybercriminals with the information required to carry out cyberattacks against their employers. With the sector a top target for hackers — as demonstrated by last year’s TalkTalk hack — Kapersky Lab’s Threat Intelligence Report for the Telecommunications Industry warns telecoms providers that…
Epic’s forums hacked again, with thousands of logins stolen
Another forum using vBulletin hacked? Zack Whittaker reports: A hacker has stolen hundreds of thousands of forum accounts associated with Unreal Engine and its maker, Epic Games. More than 808,000 accounts were stolen in the attack — with more than half a million from Unreal Engine’s forums alone. Breach notification site LeakedSource.com, which obtained a copy…
Consumer Caution: Factory RV Surplus exposing customer info (updated)
I usually withhold information about a leaky site until it’s been secured, but when a company repeatedly fails to follow up and ignores notifications by phone and email, and when the company responsible for their site also ignores notification, it’s time to go public, I think. More than one month ago, I was contacted by…
Beauty site lets anyone read customers’ personal information
Darren Pauli reports: Popular online cosmetics site Strawberrynet has asked customers if a function that allows anyone to retrieve its customers names, billing addresses, and phone numbers with nothing more than an email address is a bug or a feature. The bug was first disclosed almost exactly a decade ago and resurfaced after security man Troy Hunt reported the flaw to…
AU: Miner Norton Gold Fields blames human error for leak of employees’ personal and financial details
Jasmine Bamford and Sam Tomlin report: The operators of a Kalgoorlie gold mine have blamed “human error” after the personal and financial details of several hundred employees were emailed to one of their suppliers. Staff at Norton Gold Fields have been advised to monitor their bank accounts, with their names, bank details and tax file…