Ann Bednarz reports: Payday didn’t go as planned on January 2, 2014, for some Boston University employees. On that day, about a dozen faculty members discovered their paychecks hadn’t been deposited into their bank accounts. Thieves had changed the victims’ direct deposit information and rerouted their pay. BU’s IT security team traced the attack to a phishing…
Category: Malware
Eataly payment card breach spanned 3 months; NYC customers offered credit monitoring services
Eataly, the high-end Italian food market that announced a payment system breach provided additional details in an update: Eataly NY, LLC (“Eataly”) recently became aware of a personal information security incident possibly affecting certain individuals who made a payment card purchase at the Eataly NYC Retail Marketplace, located at 200 5th Avenue, New York, NY 10010 (the “NYC…
Japan’s pension system hacked, 1.25 million cases of personal data leaked
William Mallard of Reuters reports another breach due to successful phishing of employees: Japan’s pension system has been hacked and more than a million cases of personal data leaked, authorities said on Monday, in an embarrassment that revived memories of a scandal that helped topple Prime Minister Shinzo Abe in his first term in office. Japan…
Locker ransomware author dumps database of private keys, apologizes
Wow. Seen on Pastebin last night: Hi, I am the author of the Locker ransomware and I’m very sorry about that has happened. It was never my intention to release this. I uploaded the database to mega.co.nz containing “bitcoin address, public key, private key” as CSV. This is a dump of the complete database and…
Small businesses trashed in big “Grabit” malware campaign
Darren Pauli reports: Kaspersky researcher Ido Noar says attackers have hit hundreds of small and medium businesses, stealing credentials and documents in a noisy smash-and-grab campaign. Noar says criminals have stolen some 10,000 documents from nanotechnology, education, and media outfits in an attack that foists a newly-discovered strain of malware called “Grabit”. Read more on…
Sally Beauty Provides Update On Recent Security Investigation
DENTON, Texas — May 28, 2015 Sally Beauty Holdings, Inc. (the “Company”) updated its customers today on its ongoing investigation of the illegal intrusion into its payment card systems and efforts to provide support to customers who may have been affected by the incident. As previously announced, the Company began an investigation into a possible…