John Leyden reports: Social media application developer RockYou has vowed to improve its security and apply encryption following a breach that exposed 32 million user login credentials to hackers. Sensitive login credentials – stored in plain text – were left open to attack as a result of an SQL injection vulnerability in RockYou’s website. In…
Category: Hack
Heartland pays Amex $3.6M over 2008 data breach
Robert McMillan reports: Heartland Payment Systems will pay American Express $3.6 million to settle charges relating to the 2008 hacking of its payment system network. This is the first settlement Heartland has reached with a card brand since disclosing the incident in January of this year. […] This settlement resolves “all intrusion-related issues between the…
Hacker hits NC community college system
Kristin Collins reports: Patrons of the state’s community colleges may have had their drivers license and Social Security numbers stolen by a hacker. College officials announced late today that 51,000 library users at 25 campuses, including Wake Tech and Johnston County, were the victims of a security breach in August. They said the libraries collect…
Dollar Tree hacked over weekend, business as usual on Monday
Bryan Baker of WRDW in Georgia reports that Dollar Tree in North Augusta was hacked over the weekend: Employees say someone hacked into the store’s computers, potentially exposing sensitive customer information. North Augusta Public Safety says so far there have been no identity theft complaints from Dollar Tree customers. The store agreed, telling News 12…
Two Official Kaspersky Websites Hacked
Lucian Constantin reports: A grey hat hacker has found a critical SQL injection weakness on the official Kaspersky Lab websites in Malaysia and Singapore. Exploiting the vulnerability leads to full compromise of the underlying database, which contains customer information, product keys and other sensitive data. The attack has been documented by a Romanian hacker calling…
Court Rejects Request to Consolidate TJX Hacker Cases
Kim Zetter of Threat Level reports that: A federal judge in Massachusetts has rejected a request from U.S. attorneys to consolidate a New Jersey case against Albert Gonzalez, who has admitted hacking more than 120 million credit card numbers from Heartland Payment Systems, with two other cases against him in Massachusetts. […] The case was…