Jeff Kosseff writes: Based on the extensive news coverage of this week’s court ruling against Wyndham Hotels and Resorts in its battle with the Federal Trade Commission (FTC), one would think that the sky is falling on efforts to resist FTC enforcement actions relating to data security. Adweek wrote that the case is “a test for…
Category: Hack
The Biggest Security Breach in the History of the Internet May Have Hacked All Your Information
Tom McKay reports: The news: Security researchers have identified a very, very serious security hole in one of the fundamental technologies protecting personal data all across the Internet. OpenSSL, the cryptographic software library that an estimated two-thirds of web servers worldwide use to connect with end users and guard against digital eavesdropping, has been vulnerable to hackers for…
Federal court denies Wyndham Hotels & Resorts’ motion to dismiss FTC’s complaint
Ashkan Soltani has uploaded an important ruling in FTC v. Wyndham, a case discussed many times on this blog. The short version of the ruling is that Wyndham went 0 for 3 on its challenges to the FTC’s authority to enforce data security under the FTC Act, to enforce data security in the absence of regulations that…
Neiman Marcus Data Breach Said Work of Russians Who Eluded U.S.
Michael Riley reports: Hackers who raided the credit-card payment system of Neiman Marcus Group Ltd. belong to a sophisticated Russian syndicate that has stolen more than 160 million credit-card numbers from retailers over seven years, according to people with knowledge of the matter. The Russian group is well known to U.S. authorities, who have indicted…
SQL Injection Leads To BigMoneyJobs.com Leak
From DataLossDB and Risk Based Security: Earlier today, a hacker identified as ProbablyOnion (who recently breached Boxee.tv) has posted data from a large job seeker website resulting in over 36,000 accounts being published online. The website BigMoneyJobs.com is a large hub for job seekers and employers looking to hire them. The breach was announced over Twitter and…
60,000 Personal Credentials Leaked From Syrian Sites
Lee J writes: Today a hacker from the European Cyber Army going by the handle @Zer0Pwn has announced a leak of data from two Syrian based websites job.sy, realestate.sy. The leak which is titled “ECA vs. Assad | Part 1″ was posted to Pastebin with a preview of some of the users’ data and a link to Sendspace. The attack is apart…