I should have noted this one last week. My bad. Brian Krebs reports: In an unrelated development, not long after this publication broke the news that the Lizard Squad’s attack infrastructure is built on a network of thousands of hacked home Internet routers, someone hacked LizardStresser[dot]su, the Web site the group uses to coordinate attacks and sell subscriptions…
Category: Hack
UK: Customer records left exposed after shoe company data breach
The Information Commissioner’s Office (ICO) has issued a press release indicating that high street and online shoe retailer Office has signed an undertaking following a hacking incident the ICO was informed about on May 29, 2014. According to details in the undertaking, a member of the public had hacked into an unencrypted historic Office database that was being stored on a legacy server outside…
C’mon, folks, you really need to acknowledge breach notifications, Monday edition
I haven’t kept strict statistics, but in general, most entities that I try to notify of a breach fail to respond at all. Others may respond that they’re looking into claimed hacks, but then fail to get back to me with a definitive answer or statement. Here’s another case in point: On January 10, I…
Metropolitan State U. disclosed breach, but what about other .edu targets of Abdilo?
On December 31, a self-described teenage hacker from Australia who calls himself “Abdilo” claimed to have hacked into dozens of education entities by exploiting SQLi vulnerabilities. Metropolitan State University acknowledged they were breached, but what is going on with the other educational entities that were allegedly hacked, too? Abdilo claims that he started attacking .edu sites back in…
AU: Private details leaked after travel insurance company hacked
PM reports on another hack by “Abdilo,” The computer systems and database of one of the country’s largest travel insurance companies has been hacked, and parts of its customer database posted online. Aussie Travel Cover, a privately owned New South Wales based business has known about the hack since before Christmas, but opted not to…
Wingstop Announces Data Security Incident Affecting Four Franchise Locations
DALLAS — Wingstop today announced that four of its independently owned and operated franchise locations may have been impacted by a data security attack on point-of-sale (POS) systems that could have enabled attackers to capture customer payment card information such as account number, expiration date or cardholder name. After receiving indications of suspicious activity, the company…