Keli Rabon reports: Anna Culina just wanted to check her miles on United Airline’s mobile website, but instead, she ended up with a whole lot more. “I was navigating around activity and statements, and each time I navigated around to a different area, I pulled up someone else’s information,” Culina said. Culina found the personal…
Category: U.S.
If it’s Friday, it’s time to reset almost 18 million passwords? (Corrected)
Care2 has notified users of a security breach. In its FAQ, the online community said that it discovered the breach on December 27, but as of December 28, “We are currently unable to determine the full extent of the security breach.” The site is forcing a password reset and urging members to change their passwords on…
STRATFOR wasn’t the only firm storing full credit card numbers with CVV – Who failed to guide GuideYou.com? (updated)
Three recent breach reports to the New Hampshire Attorney General’s Office that flew under the media radar: Automatic Data Processing (ADP) reported that a laptop stolen from an associate’s home contained information on A. W. Hastings‘ employees including names, addresses, and Social Security numbers. The laptop, stolen November 12, was encrypted and had a logon…
WV: Bank says Va. company failed to prevent ID theft (update1)
Here’s another breach I hadn’t heard about. Interesting to see the bank suing the firm for negligence in security. Kyla Asbury reports: The Bank of Charles Town is suing N/L Entertainment after it claims the company failed to prevent the theft of debit card and credit information of its customers at the Alamo Drafthouse Cinemas…
New York City Public Advocate notifies web site submitters of security breach, but did they downplay its scope?
It felt like an exercise in futility, but on Christmas Day, I started making phone calls to alert the NYC Office of the Public Advocate that their database had been hacked and personal and sensitive information of those seeking assistance had been exposed. No one ever called me back, but having provided specific details to…
Preliminary analysis of Stratfor data dump (updated)
Identity Finder has analyzed some of the data released from the Stratfor hack: 50,277 unique credit card numbers, of which 9,651 are not expired 86,594 email addresses, of which 47,680 are unique 27,537 phone numbers, of which 25,680 are unique 44,188 encrypted passwords, of which roughly 50 percent could be easily cracked 73.7 percent of decrypted passwords…