Two breaches seemed small and innocuous at the time, but weren’t. A timely reminder why entities should notify even when they think risk is low. Thomas Fox-Brewster reports: In 2009 and 2010 two separate attacks hit widely-used online gambling payments processors Moneybookers and Neteller. Though they initially appeared innocuous, it now seems both attacks saw millions of…
Category: Of Note
UK: Crown Prosecution Service fined £200,000 for breach involving contractor
Back in September, I prefaced a breach post involving the U.K.’s Crown Prosecution Service with the comment, “This is one of those really terrible breaches that are the stuff of nightmares.” It appears the Information Commissioner’s Office concurred, as CPS has been fined £200,000 after laptops containing videos of police interviews were stolen from a private…
Six months after OPM hack detected, 75% of victims still not notified
Dustin Volz reports: Fewer than a quarter of 21 million federal workers hit by a major computer hack have been officially told that their personal information was compromised, six months after the breach was detected, a U.S. government official said on Tuesday. About 5 million notifications about the hack have been sent out so far,…
vBulletin patches and forces password reset as 0day is posted for sale
@Cyber_War_News contributed to this post. vBulletin.com is back online after a breach first reported on DataBreaches.net. In new developments, vBulletin forced a password reset and issued a patch while the 0day used to hack them was put for sale. Password Reset An announcement in their forum last night acknowledged the breach and explains: vBulletin.com Password Reset…
The Hacking Team Defectors
Lorenzo Franceschi-Bichhierai has a good piece about members of the Hacking Team who left, and what happened afterwards. Here’s a teaser from it: His name is Alberto Pelliccione. Until last year, he was the man responsible for developing Hacking Team’s Android spyware, and one of the employees who had worked on the company’s marquee product,…
vBulletin, Foxit Software forums hacked by Coldzer0; hundreds of thousands of users’ info stolen
This post was co-authored with @Cyber_War_News. Some days we scratch our heads at the folks who proudly claim hacks and then give law enforcement enough evidence to go after them. And then this happened: #vBulletin 5.x.x hacked by Coldzer0 today. Licences & database dumped, shell on server. vBulletin denied. #0day #security #zeroday — Terry Tran (@terryjunx) November…