Faith Ridler reports: Cancer Research UK customers have been targeted by the same Russian hackers behind recent cyber attacks on Ticketmaster and British Airways. Magecart, an anonymous group of cyber criminals, attempted to steal the card details of people buying gifts through the charity’s website, cyber security experts at consultancy RiskIQ said. The hackers reportedly…
IE: Cork local investigated over hacking of council’s parking app
The Journal reports: The Garda Computer Crime Unit has been drafted in to probe how 5,000 people’s personal information collected by Cork City Council had been illegally accessed by a hacker. Detectives in that garda unit are investigating the breach which saw thousands of people who used a parking app potentially having their data stolen….
New Magecart hack detected at Shopper Approved
Catalin Cimpanu reports: A new security breach involving the Magecart malware came to light today, this time involving a US web company named Shopper Approved that provides a “review widget” that other companies can embed on their sites and collect opinions and ratings from customers. This incident took place on September 15, according to a report…
Two years after ‘trauma’ of hack, DNC builds a tech team with a veteran bench
Tim Johnson reports: The digital operations team at the Democratic National Committee hit some dark days after Russian hackers mauled their networks in 2016, hijacking dozens of computers and pilfering tens of thousands of emails to hand over to WikiLeaks and onto the internet. Remnants of that digital bruising linger. “I feel like everyone’s still…
Heathrow Airport Limited fined £120,000 for serious failings in its data protection practices
From the Information Commissioner’s Office, this monetary penalty notice in response to a breach previously noted on this site: Heathrow Airport Limited (HAL) has been fined £120,000 by the Information Commissioner’s Office (ICO) for failing to ensure that the personal data held on its network was properly secured. On 16 October 2017 a member of…
What NOT to do when researchers notify you of a breach
This story is going to be straight up, forward and simple. What not to do when a researcher like myself contacts you about a security incident. Every day all around the world researchers are being ignored by those who they attempt to help out. Recently another researcher discovered a open s3 bucket that belong to…