So here’s another case where a vendor’s database was accessed by someone who was able to acquire a client’s login credentials: The international law firm of McKenna Long & Aldridge notified the Maryland Attorney General’s Office on February 26 that 441 current and former employees’ W-2 information and other information were involved: As a result…
Category: Subcontractor
ZA: SANRAL resets passwords but doesn’t confirm any breach
After a hacker revealed a vulnerability in the SANRAL website that exposed customer information in January, SANRAL denied it was hacked. Today, they’ve notified registered e-toll users of a password reset, but claim that they still have no evidence of a hack. According to BusinessTech: ETC, the company running the system, told BusinessTech that its…
Computer theft at Greenleaf Book Group
A janitor is suspected of being responsible for the theft of five desktop computers and laptops from the Austin, Texas office of Greenleaf Book Group (GBG). The theft was discovered on January 18. At least one of the computers held current and past customer and vendor information including names, email addresses, credit card information, and in…
CFNC reports accidental disclosure of personal information by third party
WBTV reports: The College Foundation of North Carolina notified participants of the NC 529 Plan that some personal information was accidentally disclosed by a third-party vendor. The foundation, CFNC, sent an email out to participants on Wednesday morning that a third-party vendor’s staging server inadvertently allowed public access to this limited information. A list of…
Citroen becomes the latest victim of Adobe ColdFusion hackers
Tom Brewster reports: A prolific hacker gang that has breached numerous companies by exploiting Adobe software has claimed another major hit in the form of car manufacturer Citroën, the Guardian has learned. Citroën had one of its German websites hacked to include a backdoor, which is a method of bypassing normal authentication systems, and which…
PA: Point Park University notifies employees of possible data breach
Justine Coyne reports employees at a Pittsburgh university are being notified after a package containing payroll reports from the university’s payroll vendor, Ceridian, arrived with the reports missing from the package: Point Park University on Wednesday alerted employees to a potential data breach involving names, home addresses, Social Security numbers and other information. The potential…