Ben Grubb reports: Telstra has been hit by a “hacking attack” affecting 35,000 customers, just a week after one of its IT staff told a security conference the telco was reviewing how it secured and stored customer information. The hacking attack occurred on the servers of a third party company that runs Telstra BigPond’s GameArena and Games Shop websites, the telco…
Category: Non-U.S.
WHMCS victim of social engineering; over 500,000 client records stolen, deleted from server, and dumped publicly
Why hack when you can socially engineer employees into giving you the keys to the kingdom? Client management billing platform WHMCS reports that hacker group UGNazi successfully socially engineered their web hosting firm into providing the hackers with admin credentials. The hackers then proceeded to acquire their data, delete it, and dump it. The attack…
UK: Personal details of Army snipers found in trunk of a second-hand car
This morning’s “Oh FFS!” breach: details of 28 snipers were found in the trunk of a used car purchased last August. The documents included “the names of personnel from a number of regiments, including one currently operating in Afghanistan, as well as details of a snipers’ training course.” And if that didn’t make it easy…
Telstra privacy breach was ‘one little oops’
Andrew Colley reports: It was “one little oops” that led Telstra to expose over 800,000 customer records on the web last December. That was the way Telstra’s security operations specialist Scott McIntyre described the mystery cause of the massive privacy breach at an IT security event on Wednesday, getting in ahead of a heavily delayed…
AU: Fish, chips, and a side order of card fraud
Ben Grubb reports that the number of data breaches in Australia is at least double what is reported to the government because there is no mandatory breach notification law. And not surprisingly, many of the breached entities are small businesses. Read more on Sydney Morning Herald.
UK council fined £70,000 following theft of highly sensitive data from employee’s home (updated with response from Council)
From the Information Commissioner’s Office: The London Borough of Barnet has been issued with a penalty of £70,000 for losing paper records containing highly sensitive and confidential information, including the names, addresses, dates of birth and details of the sexual activities of 15 vulnerable children or young people. The loss occurred when a social worker took the paper records…