Sean Gallagher reports on an interesting revelation concerning the second data breach at the University of Maryland: A whitehat hacker from the Baltimore suburbs went too far in his effort to drive home a point about a security vulnerability he reported to a client. Now he’s unemployed and telling all on reddit. David Helkowski was working…
Category: Malware
Is delaying notification for law enforcement purposes ever unreasonable?
Over on Security Bistro, Linda Musthaler discusses the recently disclosed Spec’s breach and the fact that Spec’s knew about the breach but was asked not to disclose it by law enforcement. We’ve seen this many times – delays in notification so as not to interfere with a law enforcement investigation. But should there be some…
RK Internet notifies customers after malware snags their information
When RK Internet (“Rural King”) became suspicious on March 7th that their web server had been compromised, they brought in forensic investigators. Those investigators discovered that malware had been injected, and for transactions that occurred between February 6 until March 12, customers names, debit or credit card number with security code and expiration date, telephone…
Possible data breach affects roughly 15K U. Wisconsin -Parkside students
Carey Docter reports: The University of Wisconsin-Parkside notified approximately 15,000 students on Thursday, March 27th of the potential exposure of personal data. Notifications were sent to the most recent email and U.S. mail addresses on file. The data that is potentially at risk includes names, addresses, telephone numbers, email addresses, and Social Security numbers of students who…
Pointer: Senate Commerce report on Target data breach
The Senate Committee on Commerce, Science, and Transportation released its report, “A “Kill Chain” Analysis of the 2013 Target Data Breach.” The report was prepared by the majority staff for Chairman Rockefeller.
Rosenthal Wine Shop discloses malware may have compromised customers’ payment card info
In response to a breach discovered on January 12, Rosenthal Wine Shop (Castle Creek Properties, Inc., dba Rosenthal the Malibu Estates) is notifying customers that malware may have compromised their payment card information: We recently learned that unauthorized individuals or entities installed malicious software on computer systems used to process credit card transactions at the Rosenthal wine…