Two breaches seemed small and innocuous at the time, but weren’t. A timely reminder why entities should notify even when they think risk is low. Thomas Fox-Brewster reports: In 2009 and 2010 two separate attacks hit widely-used online gambling payments processors Moneybookers and Neteller. Though they initially appeared innocuous, it now seems both attacks saw millions of…
Category: Hack
TalkTalk offers customer £30.20 ‘final settlement’ after crims nick £3,500
TalkTalk is really turning out to be the poster child for how not to handle a breach. In today’s installment of “Lollipops are Adequate Mitigation, Right?” Alexander J. Martin reports: TalkTalk is trying and failing to mend its broken customer relationships following the recent mega breach, in one case offering an individual who had £3,500 stolen…
Fourth arrest in TalkTalk case
A fourth person has been arrested in connection with the investigation into alleged data theft from TalkTalk. On the evening of Tuesday, 3 November, detectives from the Metropolitan Police Cyber Crime Unit (MPCCU) and officers from the National Crime Agency (NCA) executed a search warrant at an address in Norwich. A 16-year-old boy [D] was…
Six months after OPM hack detected, 75% of victims still not notified
Dustin Volz reports: Fewer than a quarter of 21 million federal workers hit by a major computer hack have been officially told that their personal information was compromised, six months after the breach was detected, a U.S. government official said on Tuesday. About 5 million notifications about the hack have been sent out so far,…
Indian Trade Groups Probe GIA Data Breach Linked to Contractor’s Employee
Rapaport News reports: India’s Gems and Jewellery Export Promotion Council (GJEPC) and the Bharat Diamond Bourse (BDB) have formed a joint committee to investigate the alteration of Gemological Institute of America (GIA) diamond grading reports, according to The Times of India (TOI). The GIA last week published the names and suspended the accounts of 19 firms implicated in the…
vBulletin patches and forces password reset as 0day is posted for sale
@Cyber_War_News contributed to this post. vBulletin.com is back online after a breach first reported on DataBreaches.net. In new developments, vBulletin forced a password reset and issued a patch while the 0day used to hack them was put for sale. Password Reset An announcement in their forum last night acknowledged the breach and explains: vBulletin.com Password Reset…