Hmm. This one could result in big numbers. A notification from Title Nine about Annex Cloud. Annex Cloud is a service provider that you may never have heard of but may have used many times. The notification explains: Annex Cloud provides a service that enables individuals to use their user name and password from social media…
Children’s charity Kars4Kids leaks info on 21,000 donors
Bob Diachenko of HackenProof.com reports: Kars4Kids is a charity that asks people to donate their cars, motorcycles, RVs, and real estate. They are most known for their nationwide advertising using their hypnotic theme song where a child and a Johny Cash impersonator sing the phone number and invites people to donate their cars today. On…
WordPress GDPR plugin inadvertently exposed sites to hackers
Keumars Afifi-Sabet reports: Attackers have been exploiting a flaw in a WordPress GDPR-compliance plugin to hijack vulnerable websites and implement remote code execution. The flaw had been present in Wordfence’s GDPR Compliance plugin for at least four months and, ironically, allowed hackers to gain access to a site using the tool. Hackers could then execute any…
CMS increases Healthcare.gov breach total to 93,600
Evan Sweeney reports: More people were impacted by last month’s Heatlhcare.gov data breach than previously thought, according to an update from the Centers for Medicare & Medicaid Services (CMS). The agency reported a final total of 93,689 people whose information was compromised during an Oct. 16 data breach that targeted the Direct Enrollment pathway used…
Another Facebook vulnerability could have exposed information about users and their friends
Dani Deahl reports: The security company Imperva has released new details on a Facebook vulnerability that could have exposed user data. The bug allowed websites to obtain private information about Facebook users and their friends through unauthorized access to a company API, playing off a specific behavior in the Chrome browser. The bug was disclosed…
Romanian hacker “Guccifer” extradited to U.S. to finish prison sentence: Reports
Andrew Blake reports: Marcel Lehel Lazar, a prolific computer hacker known as “Guccifer,” has been extradited to the United States to finish serving a prison sentence related to a cybercrime spree credited with exposing Hillary Clinton’s use of a personal email account while secretary of state, outlets in his native Romania reported Monday. Romania’s Alba…