Sometimes you just have to grin when the bad guys screw up, misconfigure their backup, and expose their entire operation to the world. This is one of those times. Chris Vickery of the MacKeeper Security Research team and Steve Ragan of Salted Hash have the mega leak of the year. Steve writes: This is the story…
Category: Of Note
Yahoo says 32m user accounts were accessed via cookie forging attack
Asha McLean reports: Yahoo has said that an unauthorised third party accessed the company’s proprietary code to learn how to forge certain cookies, which it said resulted in an intruder accessing approximately 32 million user accounts without a password. “The outside forensic experts have identified approximately 32 million user accounts for which they believe forged…
Police in southern China bust six large data theft operations
Josh Ye reports: Police in southern China have busted six data theft operations, arresting 138 suspects at 14 locations in the city of Guangzhou, according to a national newspaper . The police said the raid, which took place on early on Monday, seized more than 2,000 bank cards and a large number of electronic devices including…
Aptos malware breach affected 40 online retail stores
Aptos, Inc. provides e-commerce solutions for a number of online e-tailers. In November, 2016, Aptos discovered it had a malware breach from February, 2016 – December, 2016. At law enforcement’s request, they delayed notification to their clients, so we are first finding out about it now as the clients begin to disclose the breach to their customers. So far,…
NHS accused of covering up huge data loss that put thousands at risk
Denis Campbell and Pamela Duncan report: Thousands of patients are feared to have been harmed after the NHS lost more than half a million pieces of confidential medical correspondence, including test results and treatment plans. In one of the biggest losses of sensitive clinical information in the NHS’s 69-year history, more than 500,000 pieces of patient data…
Security lapse exposed New York airport’s critical servers for a year
Zack Whittaker reports: A security lapse at a New York international airport left its server backups exposed on the open internet for almost a year, ZDNet has found. The internet-connected storage drive contained several backup images of servers used by Stewart International Airport, but neither the backup drive nor the disk images were password protected, allowing…