New York Attorney General Letitia James today announced a lawsuit against Dunkin’ Brands, Inc. — franchisor of Dunkin’ Donuts — for failing to protect thousands of customers targeted in a series of cyberattacks. The company failed to notify nearly 20,000 customers that their accounts had been compromised, even though their information and personal funds were in…
Category: Hack
DoorDash confirms breach impacting 4.9 million
It was almost exactly one year ago that this site pointed readers to a report by Zack Whittaker that dozens of DoorDash customers were claiming that their accounts had been hacked. As Zack reported at the time, DoorDash denied any breach of their system. Fast-forward one year and Zack reports that DoorDash has confirmed it…
Polish data protection authority issues €645,000 fine to online retailer
Jessica Belton reports: Poland’s Personal Data Protection Office (UODO) this week imposed a PLN 2.8 million (€645,000) fine on online retailer Morele.net for “insufficient organisational and technical safeguards”. The data breach affected approximately 2.2 million customers who purchased products through one of the group’s nine websites. Read more on IT Governance.
Anonymous researcher drops vBulletin 5.x zero-day impacting tens of thousands of sites
Catalin Cimpanu reports: An anonymous security researcher has published details about a zero-day in vBulletin, today’s most popular internet forum software. Because of this individual’s actions, security experts are now concerned that the publication of details about this unpatched vulnerability could trigger a wave of forum hacks across the internet, with hackers taking over forum…
Russian Hacker Pleads Guilty For Involvement In Massive Network Intrusions At U.S. Financial Institutions, Brokerage Firms, A Major News Publication, And Other Companies
There’s a follow-up to the case of the hacker involved in the 2014 JP Morgan hack. From the Department of Justice, today: Geoffrey S. Berman, the United States Attorney for the Southern District of New York, announced today that ANDREI TYURIN, a/k/a “Andrei Tiurin,” pled guilty in Manhattan federal court to computer intrusion, wire fraud,…
Twitter suspends account claiming responsibility for WoW DDoS attack, Blizzard confirms suspect has been arrested
Dom Sacco has an update to reporting of September 8: UPDATE (September 20th): Blizzard has announced that a suspect has been arrested over this incident. It said in a forum post: “Immediately after the Distributed Denial of Service attacks against our game service began, the Blizzard Security Team worked around the clock with local and…