Noble House Hotels and Resorts was alerted to a potential issue after receiving calls from guests who had used a payment card at one of Noble House’s properties, The Commons Hotel Minneapolis, and then saw unauthorized charges on that card. Noble House immediately initiated an investigation and engaged a computer security firm to examine its payment system for any…
Category: Malware
Update: Service Systems Associates breach impacted 60,000
Remember the Service Systems Associates breach that impacted 10 gift shops in zoos, museums, and other attractions earlier this year? As of their lawyer’s recent letter to the New Hampshire Attorney General’s Office, it appears that approximately 60,000 consumers had their card data caught up in the breach.
Changing ID numbers in wake of Japan Pension Service breach resulted in payment errors
The Japan Pension Service breach was a huge deal in Japan this summer, and it’s still having an impact as attempts to secure pensioners’ information by changing their ID numbers seems to have resulted in some people being overpaid while others were underpaid. Kyodo News reports: The Japan Pension Service mistakenly underpaid and overpaid about…
CERT.pl report on “The Postal Group”
From CERT.pl: During the SECURE conference, we presented a talk outlining actions performed by a group of criminals, which we have called “The Postal Group”. Their name is derived from the fact that they masquerade their phishing attacks as messages from the post office. This phishing then leads to either cryptolocker or a banking trojan….
Service Systems Associates updates its breach disclosure
Back in July, this site reported that a number of gift shops at zoos were impacted by a breach involving their point of sale systems. Service Systems Associates (SSA) issued a statement at the time. I’m not sure why more impacted entities are first disclosing now, but WBAP reports: You’ll want to check your bank statements if you went…
Bugat Botnet Administrator Arrested and Malware Disabled
A sophisticated malware package designed to steal banking and other credentials from infected computers has been disrupted, and charges have been filed in the Western District of Pennsylvania against a Moldovan administrator of the botnet known as “Bugat,” “Cridex” or “Dridex.” Actions taken by the U.K. and the U.S. substantially disrupted the botnet. Andrey Ghinkul, aka Andrei Ghincul and Smilex, 30, of…