Back in January, I noted that Lush Cosmetics had been hacked and customer data acquired and misused. The company reportedly only became aware of the breach after receiving reports from almost 100 customers who had become victims of card fraud. Today, the UK’s Information Commissioner’s Office revealed that Lush was required to sign an undertaking…
Category: Hack
UK: Hampshire school breached data protection rules
From the Information Commissioner’s Office: Bay House School in Hampshire breached the Data Protection Act after the personal details of nearly 20,000 individuals, including some 7,600 pupils, were put at risk during a hacking attack on its website. The hack – which happened in March and involved one of the school’s pupils – exposed pupils’…
AntiSec hackers release ‘largest cache yet’ of law enforcement data
Zack Whittaker reports: Hackers associated with the AntiSec movement — a LulzSec and Anonymous combined effort to breach systems with weak security — have released a 10GB in size cache of data belonging to law enforcement. Known as ‘Shooting Sherrifs Saturday’, this follows ‘F**k FBI Friday’ in June, where LulzSec published hundreds of hacked usernames,…
(update) Travelodge blames ‘vindictive individual’ for email database breach
John Leyden has a follow-up on an e-mail hack The Register initially revealed in June and that I covered on this blog. Travelodge UK’s explanation doesn’t fully answer my questions, but here’s part of it: This enquiry has thoroughly examined our own IT infrastructures and databases and those belonging to our suppliers as well. The…
University of Arizona responds to email hack
DA Morales reports on an email hack that didn’t involve any PII but serves as a reminder that you can have a long passphrase or great password, but that’s not enough: The computer security at the UA seems tough to beat, or so it seemed until last night. If you have ever had to set…
How sweet it isn’t: Hershey notifies some web site users of a hack
A reader sent in this breach notification he received yesterday. Stay with it because although it starts out talking about the security of their recipes and how important accuracy is to them, eventually they get around to notifying people that their names, dates of birth, street and e-mail addresses, and passwords may have been accessed…