For the second time since Aug. 2013, online retailer NoMoreRack.com has hired a computer forensics team after being notified by Discover about a potential breach of customer card data, KrebsOnSecurity has learned. Read more on KrebsOnSecurity.com.
Category: Business Sector
Security firm report says Target data hack was low tech
Jennifer Bjorhus reports: The U.S. Secret Service has called the criminals behind Target Corp.’s monster security breach well-organized, “highly technical” and “sophisticated.” But cybersecurity firm McAfee Inc. said in a report out Monday that the heist was anything but exotic, describing the attack as a Breach 101 operation. The thieves used easily modified off-the-shelf malware, common methods…
Telstra fined, warned after new privacy breach
Mitchell Bingemann reports: TELSTRA has been fined $10,200 and warned over privacy breaches after an information leak exposed almost 16,000 of its customers’ private data online. In a joint investigation by the federal Privacy Commissioner and the communications watchdog, Telstra was found to have breached the Privacy Act by exposing online the data of some…
Statista Says Around 50,000 Users Are Impacted by Data Breach
Eduard Kovacs reports: On Saturday, we learned that statistics company Statista suffered a data breach. The company has responded to my inquiry about the incident and provided additional details. It turns out that roughly 50,000 users are impacted by the data breach. The incident was discovered after spam emails started landing in email addresses that have…
Experian Lapse Allowed ID Theft Service Access to 200M Consumer Records – Krebs
Brian Krebs writes: In October 2013, KrebsOnSecurity published an exclusive story detailing how a Vietnamese man running an online identity theft service bought personal and financial records on Americans directly from a company owned by Experian, one of the three major U.S. credit bureaus. Today’s story looks deeper at the damage wrought in this colossal misstep by one…
The Timken Company notifying 5,000 associates after data exposed on insecure server
Ohio-based The Timken Company, a global steel and bearing manufacturer and supplier, is notifying current and former associates and job applicants of a data security breach that occurred on January 30 and was discovered February 19. The breach occurred when a file containing personal information was stored on a server normally used for interchange of non-confidential information…