Anonymous/AntiSec/LulzSec has released two data dumps: one from the California Statewide Law Enforcement Association and one from the New York State Association of Chiefs of Police. Both dumps appear to include names, email addresses and passwords for members as well as some mail spools. The passwords appear to be MD5, and some have already been…
Category: U.S.
United flyer finds dozens of passengers’ info online
Keli Rabon reports: Anna Culina just wanted to check her miles on United Airline’s mobile website, but instead, she ended up with a whole lot more. “I was navigating around activity and statements, and each time I navigated around to a different area, I pulled up someone else’s information,” Culina said. Culina found the personal…
If it’s Friday, it’s time to reset almost 18 million passwords? (Corrected)
Care2 has notified users of a security breach. In its FAQ, the online community said that it discovered the breach on December 27, but as of December 28, “We are currently unable to determine the full extent of the security breach.” The site is forcing a password reset and urging members to change their passwords on…
STRATFOR wasn’t the only firm storing full credit card numbers with CVV – Who failed to guide GuideYou.com? (updated)
Three recent breach reports to the New Hampshire Attorney General’s Office that flew under the media radar: Automatic Data Processing (ADP) reported that a laptop stolen from an associate’s home contained information on A. W. Hastings‘ employees including names, addresses, and Social Security numbers. The laptop, stolen November 12, was encrypted and had a logon…
WV: Bank says Va. company failed to prevent ID theft (update1)
Here’s another breach I hadn’t heard about. Interesting to see the bank suing the firm for negligence in security. Kyla Asbury reports: The Bank of Charles Town is suing N/L Entertainment after it claims the company failed to prevent the theft of debit card and credit information of its customers at the Alamo Drafthouse Cinemas…
New York City Public Advocate notifies web site submitters of security breach, but did they downplay its scope?
It felt like an exercise in futility, but on Christmas Day, I started making phone calls to alert the NYC Office of the Public Advocate that their database had been hacked and personal and sensitive information of those seeking assistance had been exposed. No one ever called me back, but having provided specific details to…