“Unu” of HackersBlog reports that they have been able to access at least one of UK telecom BT’s databases through SQL injection: A faulty parameter, improperly sanitized opens the vault to the pretious databases. One can gain access to such ordinary things as personal data, login data, and the like. In the first syntax I…
Category: Non-U.S.
Scotland: Patient data security overhauled
The BBC reports that NHS Dumfries and Galloway in south west Scotland improved its security after the loss of two memory sticks carrying patient data in May 2008. It now uses USB devices with built-in security, and is nearing completion on a program to fully encrypt all other portable devices. Patient groups had called for…
Telegraph.co.uk hacked, SQL injection (updated)
The HackersBlog crew, who had previously exposed vulnerabilities in a number of security vendor sites and a social networking site, now reports that they were able to exploit an SQL injection vulnerability to access The Telegraph‘s databases, including one that has 700,000 email addresses and passwords of those receiving the paper’s newsletter. Given how many…
HK: File sharing error exposes police data on the internet
The South China Morning Post has a report that Sheung Shui police data containing sensitive information have leaked onto the internet through file-sharing software Foxy. Subscription required to read the whole story, but by now, I suspect most of this site’s readers can pretty much guess what happened.
Bits ‘n Pieces
In the justice system: Three Romanians have been arrested in Malta in connection with police investigations of credit card fraud amounting to thousands of euro. Some 60 credit cards, a false passport, computers and equipment used to produce false credit cards were seized from a house in Msida. More. Four men from Florida were indicted…
AU: Bank confirms credit card fraud from Bottle Domains hack
On February 10, the Australian Domain Name Administrator (AuDA) reported that it had been notified by the Australian Federal Police (AFP) of a security incident involving domain registrar Bottle Domains. Another report at the time can be found here. Now eCommerce Report is reporting that one bank has confirmed fraud on some of the credit-cards…