When RK Internet (“Rural King”) became suspicious on March 7th that their web server had been compromised, they brought in forensic investigators. Those investigators discovered that malware had been injected, and for transactions that occurred between February 6 until March 12, customers names, debit or credit card number with security code and expiration date, telephone…
Category: Business Sector
Experian sues Court Ventures to enforce indemnification in wake of Court Venture’s breach
As I tweeted last night, Experian has sued the former owner/shareholder of Court Ventures over the mess Experian found itself in when it acquired Court Ventures and later learned that a criminal had been using a Court Ventures account to access a U.S InfoSearch database with information on over 200 million Americans. Today, Jim Finkle…
5-year-old Ocean Beach boy exposes Microsoft Xbox vulnerability
Michael Chen reports: A young Ocean Beach boy is in the spotlight after he discovered a back door in to one of the most popular gaming systems in the world. When 5-year-old Kristoffer Von Hassel is playing his Xbox, his feet don’t touch the ground. But something he did has made the smartest guys at…
PK: Privacy breach: ‘Hacker’ arrested for leaking private data
Asad Kharal reports: A man was arrested on Wednesday for hacking into a cellular company’s database and uploading the information of its subscribers on a website. Mubashar Shahzad, a resident of Kasur, was arrested after the National Response Centre for Cyber Crime (NR3C) of the Federal Investigation Agency (FIA) traced his IP (internet protocol) address,…
At least two states investigating data breach involving Court Ventures, an Experian unit
Jim Finkle of Reuters reports: U.S. attorneys general have launched a multi-state investigation into a breach in which criminals gained access to a repository of some 200 million social security numbers through a unit of data provider Experian Plc. “We are investigating,” said Maura Possley, a spokeswoman for Illinois Attorney General Lisa Madigan. “It’s part…
Data breach lawsuit against LinkedIn whittled down to claimed misrepresentations of “industry standard” security
Lisa Hoffman reports: A putative class action against LinkedIn that follows a computer attack that made public millions of users’ passwords, has been pared down. The case will proceed with a focus on allegations that the professional networking site misrepresented the strength of its security protections. Judge Edward Davila refused on March 28 to dismiss…