John Leyden reports: A serious vulnerability that potentially allowed shoplifters to empty eBay ProStores shops and swipe customer credit cards has been fixed – according to the security researcher who says he found the hole. Mark Litchfield, an infosec pro at Securatary, told us he discovered a flaw in eBay-owned ProStores that not only opened the door…
Category: Exposure
Expert Hacks Healthcare.gov in 4 Minutes
Well, no, they didn’t hack it. They didn’t even have to, it seems. Keith Koffler reports: Security consultant David Kennedy, who has testified before Congress about the flaws in Healthcare.gov that have made people’s information unsafe, revealed Monday he was able to gain access to the personal records of 70,000 Obamacare enrollees in four minutes….
UK: Family’s safety ‘put at risk’ by council’s blunder
Stef Lach reports: A father says his family’s safety was put at risk by a council blunder which saw his personal details sent to thousands of people. Renfrewshire Council wrote to the 5354 people on its approved landlords list inviting them to a Landlord Accreditation training course, but also attached a list with personal details…
CN: Website security loopholes force Ctrip to stop saving user CCV info
Si Huan reports: Ctrip will stop saving users’ credit card verification (CCV) information online after system loopholes were discovered on the travel website that led to the leak of user information and possible money loss. Shanghai-based Ctrip, China’s biggest tourism website with more than 140 million users, said yesterday that it will not save users’…
Email gaffe exposes Loyola Law School students’ info to others
ALLGov reports: The Financial Aid Office of Loyola Law School in Los Angeles inadvertently exposed the personal information of what may very well have been the school’s entire 395-member student body to 14 members of its May 2014 graduating class. Read more on AllGov The full text of the notification email was posted online last…
Potential 7 Million Credit Card Details Leaked by “Anonymous Ukraine” (update2)
Lee J reports on DataLossDB: The last couple of weeks have seen tensions rising between Russia and Ukraine, and along with it an increase in computer crime. Sometime earlier this morning, a post allegedly by Anonymous Ukraine has claimed to have published “more than 800 million credit cards” by releasing four archives: Visa, Mastercard, American…