A smattering: Heartland Data Breach: 21 New Institutions Linked Credit union reports breach to cardholders More banks say clients fell into `security hole’ (Canadian fallout)
Category: Hack
FL: United Way Admits To Security Breach
According to CBS, United Way of Miami-Dade’s computer system was hacked. Files and applications were reportedly deleted early Christmas morning. The computer system contained personal information, including credit card information, but UW has not yet been able to determine if files were accessed. Read more on CBS
Ameriprise notifies customers of online breach
Ameriprise Advisor Services, Inc. (formerly H&R Block Financial Advisors) notified the Maryland Attorney General’s Office on December 24 of a breach involving a third-party vendor. According to the notification (pdf), AASI uses a third-party vendor to provide clients with online access to their accounts (usernames and passwords). The unnamed vendor notified them on December 17…
Guilty Plea: Blind Hacker Admits Harassment, Eavesdropping, Fraud
Kevin Poulsen reports on 18 year-old Matthew Weigman, a blind telephone hacker: […] In his plea deal with prosecutors, Weigman, who was born blind, admitted to a long criminal resume (.pdf). Among other things, he confessed to conspiring with other telephone hooligans who made hundreds of false calls to police that sent armed SWAT teams…
Canadian Tire cancels 16,000 Mastercards after Heartland breach results in hundreds of cards being misused
Canadian Tire (TSX:CTC) says it has cancelled and is re-issuing 16,000 Mastercard credit cards issued by its financial services arm over security concerns. Spokeswoman Lisa Gibson says the cards were deemed to be at risk after a widespread security breach disclosed last week by Heartland Payment Systems (NYSE:HPY), a U.S. credit card transaction processor. Gibson…
Pointer: SQL Server Database Hack Tricks Forensics
OK, because I’m not a security professional but a privacy advocate, I generally do not post just “straight security” news items, but this one really touches on an issue that keeps coming up. How many times have we been told that some unnamed or named forensics service examined a recovered laptop or a hacked database…