Jeff John Roberts reports: Home Depot has taken another step to move on from its colossal 2014 data breach, which involved hackers stealing email or credit card information from more than 50 million customers by infiltrating self check-out terminals. In a new settlement with dozens of banks, the retailer has agreed to pay $25 million for damages they incurred…
Category: Of Note
Law Firm Sued for Alleged Lax Data Security Avoids Class Action
Derek Borchardt and Michael F. Buchanan have an update on litigation previously noted on this site. At its heart, a lawsuit claimed a Chicago law firm, Johnson & Bell, had inadequate data security. There was no allegation of any actual breach – the suit was over inadequate data security. Back in December of last year, we reported that for the…
Dutch detectives unravel 3.6 million encrypted emails sent by criminals
DutchNews.nl reports: Dutch detectives have gained access to 3.6 million encrypted emails sent by criminal gangs which will be used in dozens of prosecutions, the public prosecution department said on Thursday. The information in the mails will provide evidence for criminal cases, including murder, armed robbery, drugs, money laundering and other forms of organised crime,…
Russian Hackers Said to Seek Hush Money From Liberal U.S. Groups
Michael Riley reports: Russian hackers are targeting U.S. progressive groups in a new wave of attacks, scouring the organizations’ emails for embarrassing details and attempting to extract hush money, according to two people familiar with probes being conducted by the FBI and private security firms. At least a dozen groups have faced extortion attempts since…
Spammers expose their entire operation through bad backups
Sometimes you just have to grin when the bad guys screw up, misconfigure their backup, and expose their entire operation to the world. This is one of those times. Chris Vickery of the MacKeeper Security Research team and Steve Ragan of Salted Hash have the mega leak of the year. Steve writes: This is the story…
Yahoo says 32m user accounts were accessed via cookie forging attack
Asha McLean reports: Yahoo has said that an unauthorised third party accessed the company’s proprietary code to learn how to forge certain cookies, which it said resulted in an intruder accessing approximately 32 million user accounts without a password. “The outside forensic experts have identified approximately 32 million user accounts for which they believe forged…