Neurocare, Inc. has been notifying some employees after one of their systems was infected by malware and the criminals acquired the firm’s login credentials to its payroll processor account. The credentials were then used to re-route direct deposits for some employees to other accounts. The scheme was foiled because Neurocare’s unnamed payment processor detected an…
Category: Malware
Maplesoft Affected by Security Breach
Seen on Maplesoft’s web site: Maplesoft is investigating a security breach of its administrative database that took place on July 17th, 2012. As a result of the breach, the perpetrators gained access to some email subscription data, including email addresses, first and last names, and company and institution names. Any financial information held by Maplesoft remains…
CFTC Data Breach Risks Employees’ Social Security Numbers
Silla Brust reports: The U.S. Commodity Futures Trading Commission suffered a data breach in May, putting at risk Social Security numbers and personal information of employees of the country’s top derivatives regulator. A CFTC employee received a “phishing” e-mail on May 21 and input information to a fraudulent website, according to a copy of an…
Intuit Financial Services warns customers that email sent via VerticalResponse contained malicious code
Malware-laden email from Intuit Financial Services has been reported, but how did this happen? The following was submitted to DataBreaches.net by a reader: From: Intuit Financial Services Sent: Thursday, June 14, 2012 11:29 PM To: IFS Clients Subject: Innovation Conference email issue – June 14 Earlier today you received an email from [email protected] with the subject…
Flame: Massive cyber-attack discovered, researchers say
Dave Lee reports: A complex targeted cyber-attack that collected private data from countries such as Israel and Iran has been uncovered, researchers have said. Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010. The company said it believed the attack was state-sponsored, but…
Plaxo online address book service warns of security breach
Online address book service Plaxo has confirmed that an unknown malicious third-party gained access to the company’s API connection to Google’s address book and calendar. As a result of the security breach, Google took precautionary measures and temporarily disabled the connection, and sent Google account holders a “Suspicious sign in prevented” email advising them that…