Ionut Ilascu reports: An online vendor of physical safes and vaults has been hit by cybercriminals who planted malicious code on its eCommerce website and captured details of orders placed by customers. Although SafeandVaultStore touts its products as “the ultimate theft deterrent,” it looks like it failed to protect its online assets and left sensitive information belonging to…
Category: Hack
Hacker accesses Gaana.com user data after site fails to respond to security alerts
Gwyn D’Mello reports that an online music site was hacked to make a point after they failed to secure their site despite multiple warnings: A white hat hacker used an exploit to gain access to Gaana.com user credentials, because they neglected to fix a security bug he reported. It seems Gaana.com was hacked a few…
New Jersey Settles Charges Against Tidbit Developer; Software Accessed New Jersey Computers Without Users’ Knowledge or Consent
Acting Attorney General John J. Hoffman and the New Jersey Division of Consumer Affairs obtained a settlement with the developer of “Tidbit,” a software code designed to help websites generate revenue by using their viewers’ computers to mine for the virtual currency known as Bitcoin. A New Jersey Division of Consumer Affairs investigation has found…
CNN sources: IRS believes massive data theft originated in Russia
Chris Frates reports: The IRS believes that a major cyber breach that allowed criminals to steal the tax returns of more than 100,000 people originated in Russia, two sources briefed on the data theft tell CNN. Read more on CNN. If you bet Russia, drink. If you bet China or North Korea, just be patient,…
Anon Coders take control of Kentucky GOP’s site; says expect more
Brad Bowman reports: The international hacking group, Anon Coders, still had control of the Republican Party of Kentucky’s website until about 11 a.m. Tuesday and told The State Journal they did it to spread the message not all Muslims are terrorists. RPK Chairman Steve Robertson said the website went down sometime Saturday afternoon and as…
What did Adult Friend Finder know and when did they know it? (update 1)
Oh my. DataBreachWallofShame.org posted some of CISO Darknet Group’s attempts to alert Adult Friend Finder back on March 12 that their data had been stolen and were up for sale. The alert was pretty clear, and they got a read receipt – but not actual acknowledgement. Note that their alert made it clear that FFN did not have to…