Asha McLean reports: Yahoo has said that an unauthorised third party accessed the company’s proprietary code to learn how to forge certain cookies, which it said resulted in an intruder accessing approximately 32 million user accounts without a password. “The outside forensic experts have identified approximately 32 million user accounts for which they believe forged…
Category: Of Note
Police in southern China bust six large data theft operations
Josh Ye reports: Police in southern China have busted six data theft operations, arresting 138 suspects at 14 locations in the city of Guangzhou, according to a national newspaper . The police said the raid, which took place on early on Monday, seized more than 2,000 bank cards and a large number of electronic devices including…
Aptos malware breach affected 40 online retail stores
Aptos, Inc. provides e-commerce solutions for a number of online e-tailers. In November, 2016, Aptos discovered it had a malware breach from February, 2016 – December, 2016. At law enforcement’s request, they delayed notification to their clients, so we are first finding out about it now as the clients begin to disclose the breach to their customers. So far,…
NHS accused of covering up huge data loss that put thousands at risk
Denis Campbell and Pamela Duncan report: Thousands of patients are feared to have been harmed after the NHS lost more than half a million pieces of confidential medical correspondence, including test results and treatment plans. In one of the biggest losses of sensitive clinical information in the NHS’s 69-year history, more than 500,000 pieces of patient data…
Security lapse exposed New York airport’s critical servers for a year
Zack Whittaker reports: A security lapse at a New York international airport left its server backups exposed on the open internet for almost a year, ZDNet has found. The internet-connected storage drive contained several backup images of servers used by Stewart International Airport, but neither the backup drive nor the disk images were password protected, allowing…
Chicago Public Schools exposed confidential student information – again!
Lauren FitzPatrick reports: Confidential information about Chicago Public Schools students — including medical conditions and dates of birth — was kept on unsecured web documents that anyone could call up despite laws and CPS rules that are supposed to safeguard children’s privacy. Some of the personal, identifiable information involved requests for certain ongoing nursing services…