Hamish Barwick reports: Sydney’s Mosman Municipal Council website has suffered a security breach that made the details of nine council staff available for download. However, according to a statement on the Council’s website no ratepayer information from the internal systems had been accessed. The hack was made via an SQL injection exploit on a subsidiary…
Category: Non-U.S.
(follow-up) Sydney Uni ‘breached student privacy’
An investigation has found the University of Sydney failed in its obligations by not securing students’ private details on its website. A section of the university’s website was shut down in January after it was found sensitive information could be obtained by entering a student’s identification number. No password was required to access the name…
Groupon leaks entire Indian user database
Patrick Gray writes: The entire user database of Groupon’s Indian subsidiary Sosasta.com was accidentally published to the Internet and indexed by Google. The database includes the e-mail addresses and clear-text passwords of the site’s 300,000 users. It was discovered by Australian security consultant Daniel Grzelak as he searched for publicly accessible databases containing e-mail address…
Man’s ‘horror’ at NHS web privacy leak
Rhianne Pope reports: A jobseeker has said he is “horrified” after logging on to an NHS job site and seeing other people’s data. The 62-year-old from Bicester, who wished to remain anonymous, said he visited Jobs.nhs.uk to look for a new maintenance job. But after registering his name on the site last Monday, he realised…
T&T supermarket chain in Canada discloses hack affecting 58,000 customers; issues warning about malware
Seen at InsideToronto.com: The website of Canada’s largest Asian supermarket chain has been hacked. Richmond, BC-based T&T Supermarket Inc, which has three locations in Toronto (two in Scarborough and one in the port lands), advised the public of “unauthorized and illegal intrusions” on its website – www.tnt-supermarket.com – in a June 24 press release. The…
10 days and additional information later…. (BioWare update)
Back on June 14, BioWare learned that they had been hacked. The following day, and as reported here previously, they notified users on their forum that the hack may have compromised “information such as user account names and passwords, email addresses, and birth dates of approximately 18,000 accounts.” Today, 10 days later, my son received…