ASI reports: Ohio-based Casad Company Inc., which runs the website totallypromotional.com, was the victim of a data breach in June and July, with hackers accessing the names, mailing and email addresses, and credit and debit card information for an undisclosed number of customers, according to documents posted online by the Office of the Attorney General…
Category: Malware
The OPM breach details you haven’t seen
Sean Lyngaas reports: An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data and the government’s step-by-step response. It illuminates a sequence of events that lawmakers have struggled to pin down in public hearings with Obama administration officials. The timeline makes clear that the heist…
JP: Pension data leak points to deeply flawed security culture
The Asahi Shimbun has an editorial about the Japan Pension Service leak reported previously on this blog. The editorial begins: Two reports have been released about the leak of personal data concerning 1.25 million or so people from the Japan Pension Service’s computer system due to a security breach caused by e-mails containing computer viruses….
Update: Fred’s Inc. says no evidence that payment card data was exfiltrated in breach
More details have emerged about the breach acknowledged by Fred’s Inc. after Brian Krebs contacted them. Ted Evanoff reports that two servers were compromised by malware. Although the company would not disclose how many customers were affected, their public relations firm issued a statement that said, in part: The investigation determined that an unauthorized person gained…
Lee’s Deli: breach of payment card system at two locations
As submitted to the California Attorney General’s Office, this notice from Sterling M Enterprises (dba Lee’s Deli): We recently learned that unauthorized individuals installed malicious software on computer systems used to process credit card transactions at our Lee’s Deli locations at 75 Battery Street in San Francisco, CA and 4200 Bohannon Drive in Menlo Park,…
Russian hackers use Twitter to mask sneaky data theft: FireEye
Jeremy Kirk reports: A group of suspected Russian hackers are using Twitter in a clever way to mask their data-stealing malware, according to computer security firm FireEye. Hackers have long used social networking services for relaying commands to their malware. But FireEye says this group — which it calls APT 29 — has taken it…