Of Note – Page 725 – DataBreaches.Net

AU: Mobile security outrage: private details accessible on net (updated)

Posted on January 8, 2011 by Dissent

Natalie O’Brien reports: The personal details of millions of Vodafone customers, including their names, home addresses, driver’s licence numbers and credit card details, have been publicly available on the internet in what is being described as an ”unbelievable” lapse in security by the mobile phone giant. The Sun-Herald is aware of criminal groups paying for…

Thousands of stolen iTunes accounts for sale in China

Posted on January 6, 2011 by Dissent

Tens of thousands of fraudulent iTunes accounts are for sale on a major Chinese website, it has been revealed. Around 50,000 accounts linked to stolen credit cards are listed on auction site TaoBao, the country’s equivalent of eBay. Buyers are promised temporary access to unlimited downloads from the service for as little as 1 yuan…

As 2010 draws to a close, data breach version

Posted on December 31, 2010 by Dissent

A breach involving paper records just became my last breach post for 2010. It seems somehow appropriate, as breaches involving paper records constitute over 20% of breaches I find out about but they’re often not taken as seriously, it seems, as breaches involving large electronic databases. Yet these types of breaches, which often go unreported,…

110,000 customers of CitySights NY notified of credit card breach

Posted on December 16, 2010 by Dissent

Lawyers for Twin America LLC (d/b/a CitySights NY) have notified the New Hampshire Attorney General’s Office that an SQL injection attack on their client’s web server resulted in the acquisition of 110,000 customers’ credit card data. The security breach was discovered on or about October 25, when the firm’s web programmer noticed that unauthorized script…

Ohio State notifies 760,000 of unauthorized access to university server

Posted on December 15, 2010 by Dissent

Earlier this year, Ohio State University (OSU) noted that they had been averaging about data breaches per year, usually minor, but involving SSN. Yesterday, they revealed another breach. I’m not sure how you try to minimize access to a server containing PII on 760,000 people or a finding that your server was used to launch…

Do Walgreens, McDonald’s, and deviantART breaches have common point of compromise? (updated)

Posted on December 14, 2010 by Dissent

Dan Goodin reports: FBI agents looking into the theft of customer data belonging to McDonald’s are investigating similar breaches that may have hit more than 100 other companies that used email marketing services from Atlanta-based Silverpop Systems . “The breach is with Silverpop, an email service provider that has over 105 customers,” Stephen Emmett, a…