Steve Ragan reports: A post to Pastebin containing account details for Electronic Arts (EA) customers hit a little too close to home for one gamer, who found his email address, account password, and games list among the harvested data. The data dump also included what appear to be dates of birth. A mere three hours…
CERT.pl report on “The Postal Group”
From CERT.pl: During the SECURE conference, we presented a talk outlining actions performed by a group of criminals, which we have called “The Postal Group”. Their name is derived from the fact that they masquerade their phishing attacks as messages from the post office. This phishing then leads to either cryptolocker or a banking trojan….
Security breach at Halifax and Bank of Scotland left account activities visible for up to six years (UPDATED)
Katie Morley reports: A security hole in Halifax and Bank of Scotland’s online banking facilities has put tens of thousands of customers at risk of fraud by leaving their financial activities visible to anyone. The glitch meant fraudsters were able to view accounts without using hacking devices as they would only need someone’s name, date…
Alberta Health System investigating alleged privacy breach by 48 Calgary employees
Erica Stark reports: At least one health care worker has been fired and dozens more are facing disciplinary action after allegedly improperly accessing a patient’s information, a claim that the nurse’s union is disputing. Forty-eight employees of Alberta Health Services are under investigation by the health authority and the privacy commissioner after a routine audit revealed…
Service Systems Associates updates its breach disclosure
Back in July, this site reported that a number of gift shops at zoos were impacted by a breach involving their point of sale systems. Service Systems Associates (SSA) issued a statement at the time. I’m not sure why more impacted entities are first disclosing now, but WBAP reports: You’ll want to check your bank statements if you went…
US taxman slammed: Half of the IRS’s servers still run doomed Windows Server 2003
Kieren McCarthy reports: Half of America’s Internal Revenue Service’s (IRS) servers are running Windows Server 2003, despite extended support for it ending in July. That’s according to a report by the Treasury Inspector General that took a look at the IRS’ $139m upgrade program. The report is distinctly unimpressed and notes that the IRS “did not follow established policies…