Reading a notification that employee email accounts were hacked and customer or patient information may have been accessed is nothing particularly unusual these days. What is a bit surprising, however, is when a breached entity offers those affected five years worth of credit monitoring, remediation, and other services. And that’s exactly what HealthEquity, Inc. is doing….
Category: Of Note
A leaky database of SMS text messages exposed password resets and two-factor codes
Zack Whittaker reports: A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more. The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to…
Massive Data Leaks Keep Happening Because Big Companies Can Afford to Lose Your Data
Erik Sherman reports: If you live in the United States, there’s almost a 50 percent chance your personal data was lost in the giant Equifax data breach a year ago of 143 million records. Google had its own data breach in October this year that exposed data on as many as 500,000 accounts. Or the…
Firefox Monitor 2.0 gives you desktop notifications if a site suffers a data breach
Natasha Lomas reports: Mozilla is adding a new security feature to its Firefox Quantum web browser that will alert users when they visit a website that has recently reported a data breach. When a Firefox user lands on a website with a breach in its recent past they’ll see a pop up notification informing them…
One in five Magecart-infected stores get reinfected within days
Catalin Cimpanu reports: Online stores that have been infected with the Magecart malware –known to record and steal credit card details from checkout forms– often get reinfected after clean-up operations, a recent report has revealed. “In the last quarter, 1 out of 5 breached stores were infected (and cleaned) multiple times, some even up to…
Do you login to merchant sites using your FB or Google credentials? The Annex Cloud breach may have affected you.
Hmm. This one could result in big numbers. A notification from Title Nine about Annex Cloud. Annex Cloud is a service provider that you may never have heard of but may have used many times. The notification explains: Annex Cloud provides a service that enables individuals to use their user name and password from social media…