In response to allegations published yesterday of a serious security breach that may have left millions of Vodafone customers’ personal details and credit card information at risk, Vodafone announced that it is investigating the allegations but denies that customer records are publicly available on the Internet: The AAP also reports: The mobile phone company has…
Category: Of Note
AU: Mobile security outrage: private details accessible on net (updated)
Natalie O’Brien reports: The personal details of millions of Vodafone customers, including their names, home addresses, driver’s licence numbers and credit card details, have been publicly available on the internet in what is being described as an ”unbelievable” lapse in security by the mobile phone giant. The Sun-Herald is aware of criminal groups paying for…
Thousands of stolen iTunes accounts for sale in China
Tens of thousands of fraudulent iTunes accounts are for sale on a major Chinese website, it has been revealed. Around 50,000 accounts linked to stolen credit cards are listed on auction site TaoBao, the country’s equivalent of eBay. Buyers are promised temporary access to unlimited downloads from the service for as little as 1 yuan…
As 2010 draws to a close, data breach version
A breach involving paper records just became my last breach post for 2010. It seems somehow appropriate, as breaches involving paper records constitute over 20% of breaches I find out about but they’re often not taken as seriously, it seems, as breaches involving large electronic databases. Yet these types of breaches, which often go unreported,…
110,000 customers of CitySights NY notified of credit card breach
Lawyers for Twin America LLC (d/b/a CitySights NY) have notified the New Hampshire Attorney General’s Office that an SQL injection attack on their client’s web server resulted in the acquisition of 110,000 customers’ credit card data. The security breach was discovered on or about October 25, when the firm’s web programmer noticed that unauthorized script…
Ohio State notifies 760,000 of unauthorized access to university server
Earlier this year, Ohio State University (OSU) noted that they had been averaging about data breaches per year, usually minor, but involving SSN. Yesterday, they revealed another breach. I’m not sure how you try to minimize access to a server containing PII on 760,000 people or a finding that your server was used to launch…