Paul Bischoff reports: Hackers claim to have stolen 700,000 guest records belonging to Choice Hotels, one of the largest hotel chains in the world. Comparitech collaborated with security researcher Bob Diachenko to uncover the unsecured database, which was left exposed and accessible to anyone with an internet connection. Diachenko immediately notified the company of the…
British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data
Lindsey O’Donnell reports: A vulnerability in British Airways’ e-ticketing system could enable a bad actor to view passengers’ personal data or change their booking information. A security bug discovered in British Airways’ e-ticketing system has the potential to expose passengers’ data, including their flight booking details and personal information. Read more on Threatpost.
FBI: Nashville company Asurion paid $300K ransom after private data was stolen; former employee named as suspect
Brian Kelman reports: A Nashville corporation paid at least $300,000 in ransom to a extortionist who claimed he stole private info of thousands of employees and more than a million customers, according to new court records from an ongoing FBI investigation. Asurion, a global phone insurance and tech support company headquartered in the city, confirmed the breach but said it believes the suspect…
Ugh. Amazon buckets with 1.8 million pharmacy-related files and 1.2 million telemarketing recordings about diabetic supplies found unsecured
Copies of fax cover letters from three pharmacies found exposed in an unsecured Amazon s3 bucket Faxes reveal patients’ names, addresses, dates of birth and their medications and doctors’ names Audio recordings in the second unsecured bucket reveals marketers claiming to represent firms that do not appear to exist as they try to get consumers…
SC: Data breach exposes information of more than 800 Charleston Co. employees
Nick Krueger reports: The Charleston County Sheriff’s Office has been notified after more than 800 Charleston County employees were part of a data breach because of an inadvertent email which was sent out by a county Human Resources employee. According to county spokesman Shawn Smetana, that email contained the names, dates of birth, social security…
Indian Army detects cybersecurity breach in Northern Command officer’s computer
ANI News reports that a senior Indian Army intelligence officer detected a cybersecurity breach in a computer connected to the Army’s intranet. Investigators are now trying to determine how the malware was injected.