Category: Business Sector

Insider breach – Shapeshift’s story

Posted on by Dissent

@SwiftonSecurity kept telling everyone on Twitter that we #MUSTREAD the story of what happened at Shapeshift.io. And with good reason: it’s a phenomenal account of an insider breach told with the kind of refreshing honesty that’s often missing in most breach disclosures.  It also reads like a thriller. I’m going to give readers a different…

Read more

Court rejects Jetro’s argument in attempt to recoup fines and penalties over breaches

Posted on by Dissent

Long-time readers will remember the Restaurant Depot/Jetro breaches reported in 2011 and 2012. It appears that Jetro tried a novel approach to recovering some of the monies the breach cost them. As Dennis S. Klein, Jeffrey B. Goldberg, and Tyler Grove of Hughes Hubbard & Reed LLP explain, the court wasn’t buying their novel argument: … To allow its customers to…

Read more

Noodles & Company Probes Breach Claims

Posted on by Dissent

Brian Krebs reports: Noodles & Company, a fast-casual restaurant chain with more than 500 stores in 35 U.S. states, says it has hired outside investigators to probe reports of a credit card breach at some locations. Over the past weekend, KrebsOnSecurity began hearing from sources at multiple financial institutions who said they’d detected a pattern of fraudulent…

Read more

Children’s Educational Site Exposes Thousands of User Accounts and Payment Data

Posted on by Dissent

Another child-oriented site has exposed information due to a misconfigured MongoDB installation. This time, it’s ABCya.com, according to the MacKeeper security research team. Here’s what they reported they found exposed: credentials and information of 11k+ archived customers (including IP addresses, email addresses, names, temporary access codes, hashed and salted passwords) credentials and information on 21k+ active…

Read more