Barbara Christiansen reports: Employees of the Provo City School District may have an extra concern facing them as the district has discovered a data breach. There was a phishing attack and someone gained access to an employee’s email account. That account contained files with sensitive, personal identification information for about half of the district’s employees….
Category: Other
We Take Your Privacy and Security. Seriously.
One of the things Brian Krebs and I seem to have in common is that you don’t want to have to send either of us a breach notification letter. Brian writes of his own recent experience with Cox, who wrote to him and 51 other customers: “On or about Aug. 13, 2014, “we learned that one…
Bash bug: Shell Shocked yet? You will be … when this goes WORM
Darren Pauli reports: Much of the impact of the Shell Shocked vulnerability is unknown and will surface in the coming months as researchers, admins and attackers (natch) find new avenues of exploitation. The vulnerability, coined Shell Shocked by researcher Robert Graham, existed in the Bash command interpreter up to version 4.3 and affected scores of servers,…
Experts Condemn eBay After XSS Attack Puts Users At Risk
Tom Jowitt reports: The attack on eBay was a cross-site scripting (XSS) attack, in which users were redirected to a spoof website designed to steal their credentials. It is not known at this stage, how many users have been affected, said the BBC. “It would be nice to think that eBay, one of the world’s most popular…
IE: Private investigators charged with ‘blagging’ personal data
Elaine Edwards reports on a breach case previously noted on this blog: Two private investigators have appeared in court charged with allegedly ‘blagging’ personal information on a number of individuals from both the Department of Social Protection and the HSE nd with passing it to credit unions. Margaret Stuart (56) and Wendy Martin< (45), both directors of MCK Rentals…
IE: Dirty tricks at centre of credit union snooping
Niall O’Connor reports on a major case of social engineering: Sensitive personal data, including addresses and job details, was handed over by the Department of Social Protection after just one phone call from private investigators pretending to be State officials. The underhand tactics used to extract confidential information from a leading State agency is revealed…