Tom Jowitt reports: The attack on eBay was a cross-site scripting (XSS) attack, in which users were redirected to a spoof website designed to steal their credentials. It is not known at this stage, how many users have been affected, said the BBC. “It would be nice to think that eBay, one of the world’s most popular…
Category: Other
IE: Private investigators charged with ‘blagging’ personal data
Elaine Edwards reports on a breach case previously noted on this blog: Two private investigators have appeared in court charged with allegedly ‘blagging’ personal information on a number of individuals from both the Department of Social Protection and the HSE nd with passing it to credit unions. Margaret Stuart (56) and Wendy Martin< (45), both directors of MCK Rentals…
IE: Dirty tricks at centre of credit union snooping
Niall O’Connor reports on a major case of social engineering: Sensitive personal data, including addresses and job details, was handed over by the Department of Social Protection after just one phone call from private investigators pretending to be State officials. The underhand tactics used to extract confidential information from a leading State agency is revealed…
PA: Investigation urged of security breach in Fayette County computer system
Mary Pickels reports: Fayette County Commissioner Angela Zimmerlink said on Tuesday that further investigation is needed into an alleged security breach caused when Commissioner Al Ambrosini directed IT department head Kebin Holbert to increase access to the county computer system for a financial consultant working for the county. Referring to a letter from acting Controller…
Ca: Henry v Bell Mobility: Another Federal Court case shows PIPEDA damages are hardly worth pursuing absent evidence of actual harm
Canadian privacy lawyer David T.S. Fraser writes: The Federal Court, in the recently issued decision in Henry v Bell Mobility 2014 FC 555 (not yet on CanLII or the Court’s site) has awarded a very modest sum of damages to a customer of Bell Mobility whose phone account was accessed by an impostor. At the hearing…
Iowa, North Carolina join states studying Experian breach – Reuters
Jim Finkle and Karen Freifeld of Reuters also have more on the Court Ventures/U.S. Info Search that has put millions of consumers at risk of identity theft or financial fraud: Iowa and North Carolina said they are looking into a breach involving a subsidiary of Experian Plc that exposed some 200 million social security numbers,…