Hacker group @DeleteSec has been making a bit of noise in the leak scene over the past month or so and one of its recent targets is ReadingRockets.org> Reading Rockets is a national multimedia literacy initiative offering information and resources on how young kids learn to read, why so many struggle, and how caring adults…
#OpIndependence. Vitali Klitschko’s UDAR party hacked. Confidential data leaked
Hello We are Anonymous Ukraine We promised to strike at the web resources of Western hirelings and fascists that are trying to hurl Ukraine into chaos. For a start we’ve hacked e-mail account of one of the regional offices of the Vitali Klitschko’s UDAR party and downloaded all the stuff we found there. We strongly…
Thousands hit in Tesco.com attack
Mark Ward reports: Tesco has deactivated customers’ internet accounts after their login names and passwords were shared online. The list of more than 2,000 Tesco.com accounts was posted to a popular text-sharing site earlier on Thursday. The supermarket giant said the data had been compiled by hackers using details stolen from other sites. A small…
Update: Does Dentrix need to send individual notification letters rescinding its "encryption" claim?
As regular readers may recall, I had raised some concerns about Henry Schein Dental claiming its Dentrix G5 product provided “encryption” after NIST had declared in 2013 that it wasn’t encryption but only weak data obfuscation. And I was pleased when Dentrix reconsidered their position after my blog post and decided to re-brand G5 as providing…
The National-Socialist Party of Canada Hacked, Credentials Leaked
A hacker who uses the handle @SQLiNairb has announced a leak of data from a well known Nazi Parties website. The breach is on the The National-Socialist Party of Canada official website (https://nspcanada.nfshost.com/) and was breached with a very simple GET based MySQL injection. The website which hosts information is really nothing important but considering the…
Why otherwise adequate breach response plans may fail
One of the recurring themes by commenters on this blog is that they got a breach notification that offered them free credit monitoring services, but: 1. They can’t access the site they’re directed to; 2. They are alarmed that the site asks them for their personal information; and/or 3. They have no reason to trust…