The Data Breach Thread

Everything else!

Moderators: Bakhtosh, EvilHomer3k

Post Reply
User avatar
Blackhawk
Posts: 43493
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: The Data Breach Thread

Post by Blackhawk »

former Cloudflare employee Ryan Lackey suggests changing every password for every online account
Oh, that's just hilarious. My personal password reference shows 562 sites, and that isn't counting those where the password is only on LastPass, so probably 750 from the last ten to twelve years for myself, my kids, even my ex-wife. If it takes five minutes to go to a site, log in, find the changing option, change it, verify it by email, then it will only take ~60 hours to change all of my passwords.

Given that I am lucky to have one or two hours a day of free time, I can have it done in a month if I give up all of my hobbies.

Dumbasses need to release a list of affected services.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
User avatar
Moliere
Posts: 12295
Joined: Sun Sep 03, 2006 10:57 am
Location: Walking through a desert land

Re: The Data Breach Thread

Post by Moliere »

"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

Verifone
San Jose, Calif.-based Verifone is the largest maker of credit card terminals used in the United States. It sells point-of-sale terminals and services to support the swiping and processing of credit and debit card payments at a variety of businesses, including retailers, taxis, and fuel stations.

On Jan. 23, 2017, Verifone sent an “urgent” email to all company staff and contractors, warning they had 24 hours to change all company passwords.
...
The internal Verifone memo — a copy of which was obtained by KrebsOnSecurity and is pictured above — also informed employees they would no longer be allowed to install software of any kind on company computers and laptops.

Asked about the breach reports, a Verifone spokesman said the company saw evidence in January 2017 of an intrusion in a “limited portion” of its internal network, but that the breach never impacted its payment services network.
...
Verifone’s Mr. Payment declined to answer additional questions about the breach, such as how Verifone learned about it and whether the company was initially notified by an outside party. But a source with knowledge of the matter told KrebsOnSecurity.com that the employee alert Verifone sent out on Jan, 23, 2017 was in response to a notification that Verifone received from the credit card companies Visa and Mastercard just days earlier in January.
...
According to my source, the intrusion impacted at least one corner of Verifone’s business: A customer support unit based in Clearwater, Fla. that provides comprehensive payment solutions specifically to gas and petrol stations throughout the United States — including, pay-at-the-pump credit card processing; physical cash registers inside the fuel station store; customer loyalty programs; and remote technical support.
...
Update, 1:17 p.m. ET: Verifone circled back post-publication with the following update to their statement: “According to the forensic information to-date, the cyber attempt was limited to controllers at approximately two dozen gas stations, and occurred over a short time frame. We believe that no other merchants were targeted and the integrity of our networks and merchants’ payment terminals remain secure and fully operational.”
It's almost as if people are the problem.
User avatar
em2nought
Posts: 5307
Joined: Fri Oct 15, 2004 5:48 am

Re: The Data Breach Thread

Post by em2nought »

Kind of funny that as I get a few paragraphs into the story their website obscures my view and asks me to turn off my ad blocker. :roll:
Technically, he shouldn't be here.
User avatar
Moliere
Posts: 12295
Joined: Sun Sep 03, 2006 10:57 am
Location: Walking through a desert land

Re: The Data Breach Thread

Post by Moliere »

Ransomware Attack Locks Democratic State Senators Out Of Their Computers
A ransomware attack has frozen Democrats in the Pennsylvania state Senate out of their computers, data, email and website.

The attack, believed to be the first such on a state legislative party organization, was discovered on the morning of March 3. After malware infected the legislative party’s computer systems, the hackers demanded a ransom payment in bitcoin to remove the virus and unlock the files and data.

The Democratic senators’ government website is currently offline. State senators and party operatives are urged not to try to access email or anything that could be connected to their network host for fear of spreading the malware.
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
User avatar
Max Peck
Posts: 13682
Joined: Fri Aug 05, 2005 8:09 pm
Location: Down the Rabbit-Hole

Re: The Data Breach Thread

Post by Max Peck »

U.S. indicts Russian spies, hackers over massive Yahoo hack
The U.S. government on Wednesday unsealed charges against two Russian spies and two criminal hackers for allegedly pilfering 500 million Yahoo user accounts in 2014.

The indictments, announced at a news conference in Washington, represent the first time the U.S. government has criminally charged Russian officials for cyber offenses.

The contents of at least 30 million accounts were accessed as part of a spam campaign and at least 18 people who used other internet service providers, such as Google, were also victimized, the government charged.

The officers of the FSB, Russia’s Federal Security Service, which is a successor to the KGB, were identified as Dmitry Dokuchaev and his superior, Igor Sushchin, the government said.

Both men are in Russia, it said.

Alexsey Belan, who is on the list of most-wanted cyber criminals, and Karim Baratov, who was born in Kazakhstan but has Canadian citizenship, were also named in the indictment.

The Justice Department said Baratov was arrested in Canada on Tuesday and his case is pending with Canadian authorities.

Belan was arrested in Europe in June 2013 but escaped to Russia before he could be extradited to the United States, according to the Justice Department.

"The criminal conduct at issue, carried out and otherwise facilitated by officers from an FSB unit that serves as the FBI’s point of contact in Moscow on cyber crime matters, is beyond the pale,” said Acting Assistant Attorney General Mary McCord.

McCord said the hacking campaign was waged by the FSB to collect intelligence but that the two hackers used the collected information as an opportunity to "line their pockets."
"What? What? What?" -- The 14th Doctor

It's not enough to be a good player... you also have to play well. -- Siegbert Tarrasch
User avatar
Max Peck
Posts: 13682
Joined: Fri Aug 05, 2005 8:09 pm
Location: Down the Rabbit-Hole

Re: The Data Breach Thread

Post by Max Peck »

How hackers hijacked a bank’s entire online operation
The traditional model of hacking a bank isn’t so different from the old-fashioned method of robbing one. Thieves get in, get the goods, and get out. But one enterprising group of hackers targeting a Brazilian bank seems to have taken a more comprehensive and devious approach: One weekend afternoon, they rerouted all of the bank’s online customers to perfectly reconstructed fakes of the bank’s properties, where the marks obediently handed over their account information.

Researchers at the security firm Kaspersky on Tuesday described an unprecedented case of wholesale bank fraud, one that essentially hijacked a bank’s entire internet footprint. At 1 pm on October 22 of last year, the researchers say, hackers changed the Domain Name System registrations of all 36 of the bank’s online properties, commandeering the bank’s desktop and mobile website domains to take users to phishing sites. In practice, that meant the hackers could steal login credentials at sites hosted at the bank’s legitimate web addresses. Kaspersky researchers believe the hackers may have even simultaneously redirected all transactions at ATMs or point-of-sale systems to their own servers, collecting the credit card details of anyone who used their card that Saturday afternoon.

“Absolutely all of the bank’s online operations were under the attackers’ control for five to six hours,” says Dmitry Bestuzhev, one of the Kaspersky researchers who analyzed the attack in real time after seeing malware infecting customers from what appeared to be the bank’s fully valid domain. From the hackers’ point of view, as Bestuzhev puts it, the DNS attack meant that “you become the bank. Everything belongs to you now.”
"What? What? What?" -- The 14th Doctor

It's not enough to be a good player... you also have to play well. -- Siegbert Tarrasch
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

WaPo
On Friday night, 18 minutes before midnight, every single one of Dallas’s 156 emergency weather sirens started doing this:
https://twitter.com/deadlyblonde/status ... 7234869248
...
By 1:20 a.m., flummoxed officials had decided the only way to stop the noise was “to unplug the radio systems and the repeater, and pretty much turn the siren system completely off,” as emergency management director Rocky Vaz explained to reporters the next day.

At that same news conference (ironically drowned out at one point by ambulance sirens) city spokeswoman Sana Syed announced that the 95 minutes of howling had not been a glitch after all.
...
Officials have ruled out a remote hack — telling reporters someone gained physical access to a hub connecting all the sirens, which may not be turned on again until Monday as the city tries to figure out who, how and why.
It's almost as if people are the problem.
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

Possible Gamestop.com breach
Video game giant GameStop Corp. says it is investigating reports that hackers may have siphoned credit card and customer data from its website — gamestop.com. The company acknowledged the investigation after being contacted by KrebsOnSecurity.
...
Two sources in the financial industry told KrebsOnSecurity that they have received alerts from a credit card processor stating that Gamestop.com was likely compromised by intruders between mid-September 2016 and the first week of February 2017.

Those same sources said the compromised data is thought to include customer card number, expiration date, name, address and card verification value (CVV2), usually a 3-digit security code printed on the backs of credit cards.

Online merchants are not supposed to store CVV2 codes, but hackers can steal the codes by placing malicious software on a company’s e-commerce site, so that the data is copied and recorded by the intruders before it is encrypted and transmitted to be processed.

GameStop would not comment on the possible timeframe of the suspected breach, or say what types of customer data might be impacted.
It's almost as if people are the problem.
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

Shoney's
Multiple sources in the financial industry say they’ve traced a pattern of fraud on customer cards indicating that the latest victim may be Shoney’s, a 70-year-old restaurant chain that operates primarily in the southern United States.

Shoney’s did not respond to multiple requests for comment left with the company and its outside public relations firm over the past two weeks.
...
Sources in the financial industry say they’ve received confidential alerts from the credit card associations about suspected breaches at dozens of those locations, although it remains unclear whether the problem is limited to those locations or if it extends company-wide. Those same sources say the affected locations were thought to have been breached between December 2016 and early March 2017.

It’s also unclear whether the apparent breach affects corporate-owned or franchised stores — or both.
It's almost as if people are the problem.
User avatar
gilraen
Posts: 4313
Joined: Wed Sep 04, 2013 7:45 pm
Location: Broomfield, CO

Re: The Data Breach Thread

Post by gilraen »

Apparently there's a huge Google Doc phishing scam going around right now.
User avatar
Moliere
Posts: 12295
Joined: Sun Sep 03, 2006 10:57 am
Location: Walking through a desert land

Re: The Data Breach Thread

Post by Moliere »

"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
User avatar
em2nought
Posts: 5307
Joined: Fri Oct 15, 2004 5:48 am

Re: The Data Breach Thread

Post by em2nought »

Wonderful, next they'll be wanting to test my DNA before they'll let me withdraw "my" funds. :doh: I never wanted my bank to be online in the first place, surely some banks could exist and flourish without having to be online. I know I'd prefer to bank there. :wink:
Technically, he shouldn't be here.
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

If you have an HP G-series laptop, your audio software comes with a bonus keylogger:
The audio driver installed on some HP laptops includes a feature that could best be described as a keylogger, which records all the user's keystrokes and saves the information to a local file, accessible to anyone or any third-party software or malware that knows where to look.
...
According to researchers, the keylogger feature was discovered in the Conexant HD Audio Driver Package version 1.0.0.46 and earlier.

This is an audio driver that is preinstalled on HP laptops. One of the files of this audio driver is MicTray64.exe (C:\windows\system32\mictray64.exe).

This file is registered to start via a Scheduled Task every time the user logs into his computer. According to modzero researchers, the file "monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys."

This behavior, by itself, is not a problem, as many other apps work this way. The problem is that this file writes all keystrokes to a local file at:

C:\users\public\MicTray.log

If the file doesn't exist or a registry key containing this file's path does not exist or was corrupted, the audio driver will pass all keystrokes to a local API, named the OutputDebugString API.

The danger is that malicious software installed on the computer, or a person with physical access to the computer, can copy the log file and have access to historical keystroke data, from where he can extract passwords, chat logs, visited URLs, source code, or any other sensitive data.
Instructions to mitigate at the link.
It's almost as if people are the problem.
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

Docusign
DocuSign, a major provider of electronic signature technology, acknowledged today that a series of recent malware phishing attacks targeting its customers and users was the result of a data breach at one of its computer systems. The company stresses that the data stolen was limited to customer and user email addresses, but the incident is especially dangerous because it allows attackers to target users who may already be expecting to click on links in emails from DocuSign.

On San Francisco-based DocuSign warned on May 9 that it was tracking a malicious email campaign where the subject line reads, “Completed: docusign.com – Wire Transfer Instructions for recipient-name Document Ready for Signature.” The missives contained a link to a downloadable Microsoft Word document that harbored malware.

The company said at the time that the messages were not associated with DocuSign, and that they were sent from a malicious third-party using DocuSign branding in the headers and body of the email. But in an update late Monday, DocuSign confirmed that this malicious third party was able to send the messages to customers and users because it had broken in and stolen DocuSign’s list of customers and users.
...
The company is asking people to forward any suspicious emails related to DocuSign to spam @ docusign.com, and then to delete the missives.
It's almost as if people are the problem.
User avatar
Grifman
Posts: 21196
Joined: Wed Oct 13, 2004 7:17 pm

Re: The Data Breach Thread

Post by Grifman »

Disney hacked, latest POTC movie has been stolen:

https://www.gamespot.com/articles/pirat ... 0-6450075/
Tolerance is the virtue of the man without convictions. – G.K. Chesterton
User avatar
stessier
Posts: 29816
Joined: Tue Dec 21, 2004 12:30 pm
Location: SC

Re: The Data Breach Thread

Post by stessier »

They shouldn't pay. Beyond the spoilers, I'm not sure that release would hurt them. It's unlikely any of the pirates were going to pay to see the movie anyway and maybe some will even decide they want to see it on the big screen.
I require a reminder as to why raining arcane destruction is not an appropriate response to all of life's indignities. - Vaarsuvius
Global Steam Wishmaslist Tracking
Running____2014: 1300.55 miles____2015: 2036.13 miles____2016: 1012.75 miles____2017: 1105.82 miles____2018: 1318.91 miles__2019: 2000.00 miles
Jeff V
Posts: 36414
Joined: Fri Oct 15, 2004 7:17 pm
Location: Nowhere you want to be.

Re: The Data Breach Thread

Post by Jeff V »

The last time this happened, wasn't the release date moved up to minimize damage? When is this movie supposed to come out?
Black Lives Matter
User avatar
coopasonic
Posts: 20969
Joined: Fri Mar 04, 2005 11:43 pm
Location: Dallas-ish

Re: The Data Breach Thread

Post by coopasonic »

Jeff V wrote:The last time this happened, wasn't the release date moved up to minimize damage? When is this movie supposed to come out?
5/26 - in 10 days
-Coop
Black Lives Matter
Jeff V
Posts: 36414
Joined: Fri Oct 15, 2004 7:17 pm
Location: Nowhere you want to be.

Re: The Data Breach Thread

Post by Jeff V »

I doubt this would affect box office all that much. Any impact would be months down the road when it hits streaming.
Black Lives Matter
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

Zomato/Urbanspoon
Popular restaurant app Zomato says the records of about 17 million users have been stolen in a security breach.
...
The company, which competes with Yelp (YELP), reassured affected customers that no payment information or credit card details were stolen.

Zomato said the security measures it uses ensure the stolen passwords can't be converted back into normal text, but it still urged users who use the same password on other services to change them. It also logged the affected users out of the app and reset their passwords.

The Indian startup said the theft was "a recent discovery," but it didn't specify when it happened.

"So far, it looks like an internal (human) security breach - some employee's development account got compromised," the company said in a blog post, without providing further details. It didn't immediately respond to a request for more information.
...
Founded in 2008, Zomato says 120 million users visit it every month. After expanding across countries in Asia, Europe and South America, the startup bought Urbanspoon in 2015 to gain access to the U.S. and Australian markets.
It's almost as if people are the problem.
User avatar
gilraen
Posts: 4313
Joined: Wed Sep 04, 2013 7:45 pm
Location: Broomfield, CO

Re: The Data Breach Thread

Post by gilraen »

Chipotle
Hackers used malware to steal customer payment data from most of Chipotle Mexican Grill Inc's (CMG.N) restaurants over a span of three weeks, the company said on Friday, adding to woes at the chain whose sales had just started recovering from a string of food safety lapses in 2015.

Chipotle said it did not know how many payment cards or customers were affected by the breach that struck most of its roughly 2,250 restaurants for varying amounts of time between March 24 and April 18, spokesman Chris Arnold said via email.
User avatar
KDH
Posts: 1309
Joined: Sat Jun 04, 2005 2:04 pm
Location: California

Re: The Data Breach Thread

Post by KDH »

.
:coffee: ... Rime’s developers issue strange challenge to crack their DRM

Break Denuvo and they’ll launch a DRM-free game

The puzzle game Rime, which launched last week, is one of a few games to acknowledge that it uses Denuvo anti-tampering digital rights management protection. But the game's makers say they will remove the DRM — if someone cracks it.

This bizarre challenge/promise surfaced in Rime's Steam forums from a staff member of Tequila Works, Rime's developing studio. Tequila Works argued internally over whether to include the DRM, ultimately choosing to do so because "we want to ensure the best gaming experience for Rime players.

"Rime is a very personal experience told through both sight and sound," wrote Dariuas, the Rime community manager, on Steam. "When a game is cracked, it runs the risk of creating issues with both of those items, and we want to do everything we can to preserve this quality in RiME."

OK. Whatever the reason, it's their prerogative to include the DRM. But what the hell is with this?
"We are very committed to this, but also to the simple fact that nothing is infallible. That being said, if RIME is cracked we will release a Denuvo free version of RiME and update existing platforms."
Again, it's Tequila Works' prerogative to include or strip out DRM from things it makes. I just don't get why, if they think it's so important to protecting the user's experience, the studio would effectively challenge everyone to crack the protection.

Denuvo isn't infallible, as Tequila Works points out, but it is supposedly a tough nut to crack. Denuvo admits its product can be broken; subsequent updates address that. The product’s overall goal is to make the cracking process so long and painful that hackers ultimately give up.

Games protected by Denuvo include Mass Effect: Andromeda, which updated its DRM after launch and effectively locked pirates out of the wave of major updates brought to the game. Last year, a group of Chinese pirates bemoaned the difficulty of cracking Just Cause 3, though that may have been a disinformation campaign to lower developers' and Denuvo's vigilance.
.
Ain't nobody got time for that
.
User avatar
em2nought
Posts: 5307
Joined: Fri Oct 15, 2004 5:48 am

Re: The Data Breach Thread

Post by em2nought »

gilraen wrote:Chipotle
Hackers used malware to steal customer payment data from most of Chipotle Mexican Grill Inc's (CMG.N) restaurants over a span of three weeks, the company said on Friday, adding to woes at the chain whose sales had just started recovering from a string of food safety lapses in 2015.

Chipotle said it did not know how many payment cards or customers were affected by the breach that struck most of its roughly 2,250 restaurants for varying amounts of time between March 24 and April 18, spokesman Chris Arnold said via email.
I hope I get a few free burrito bowls out of this. :mrgreen:
Technically, he shouldn't be here.
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

KMart
Last week I began hearing from smaller banks and credit unions who said they strongly suspected another card breach at Kmart. Some of those institutions received alerts from the credit card companies about batches of stolen cards that all had one thing in common: They were all used at Kmart locations.

Asked to respond to rumors about a card breach, Kmart’s parent company Sears Holdings said some of its payment systems were infected with malicious software:
...
"Based on the forensic investigation, NO PERSONAL identifying information (including names, addresses, social security numbers, and email addresses) was obtained by those criminally responsible. However, we believe certain credit card numbers have been compromised. Nevertheless, in light of our EMV compliant point of sale systems, which rolled out last year, we believe the exposure to cardholder data that can be used to create counterfeit cards is limited. There is also no evidence that kmart.com or Sears customers were impacted.”
...
Sears spokesman Chris Brathwaite said the company is not commenting on how many of Kmart’s 735 locations nationwide may have been impacted or how long the breach is believed to have persisted, saying the investigation is ongoing.
It's almost as if people are the problem.
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

OneLogin
OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data.
...
A breach that allowed intruders to decrypt customer data could be extremely damaging for affected customers. After OneLogin customers sign into their account, the service takes care of remembering and supplying the customer’s usernames and passwords for all of their other applications.
...
According to Motherboard, the message also directed customers to a list of required steps to minimize any damage from the breach, such as generating new API keys and OAuth tokens (OAuth being a system for logging into accounts), creating new security certificates as well as credentials; recycling any secrets stored in OneLogin’s Secure Notes feature; and having end-users update their passwords.

Gartner Inc. financial fraud analyst Avivah Litan said she has long discouraged companies from using cloud-based single sign-on services, arguing that they are the digital equivalent to an organization putting all of its eggs in one basket.
It's almost as if people are the problem.
User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

Sweden
Sweden’s prime minister decried as “extremely serious” a huge leak of confidential information that potentially included details of military personnel and plans.

Stefan Lofven blamed a botched outsourcing agreement by the country’s transport agency for such a large breach of government secrets.
...
Micael Byden, Sweden’s supreme commander, said there was a risk that information about some military vehicles and people with protected identities had leaked. The armed forces had earlier said the transport agency — which regulates everything from civil aviation to driving licences — could have information about personnel and security planning as well.

Swedish media have reported that the home addresses of fighter pilots, as well as databases containing criminal records and people suspected of crimes, were also accessible to IT workers in the Czech Republic. 
It's almost as if people are the problem.
User avatar
Moliere
Posts: 12295
Joined: Sun Sep 03, 2006 10:57 am
Location: Walking through a desert land

Re: The Data Breach Thread

Post by Moliere »

The Man Who Wrote Those Password Rules Has a New Tip: N3v$r M1^d!
The new guidelines, which are already filtering through to the wider world, drop the password-expiration advice and the requirement for special characters, Mr. Grassi said. Those rules did little for security—they “actually had a negative impact on usability,” he said.

Long, easy-to-remember phrases now get the nod over crazy characters, and users should be forced to change passwords only if there is a sign they may have been stolen, says NIST, the federal agency that helps set industrial standards in the U.S.
"The world is suffering more today from the good people who want to mind other men's business than it is from the bad people who are willing to let everybody look after their own individual affairs." - Clarence Darrow
Covenant72
Posts: 718
Joined: Fri Oct 21, 2005 1:03 pm

Re: The Data Breach Thread

Post by Covenant72 »

User avatar
Isgrimnur
Posts: 82085
Joined: Sun Oct 15, 2006 12:29 am
Location: Chookity pok
Contact:

Re: The Data Breach Thread

Post by Isgrimnur »

Part of the problem is that there are so many systems with an upper limit. I don't know of many places that would allow a 25-character password. It's getting better, but there are still plenty of legacy systems.
It's almost as if people are the problem.
User avatar
Pyperkub
Posts: 23583
Joined: Mon Dec 13, 2004 5:07 pm
Location: NC- that's Northern California

Re: The Data Breach Thread

Post by Pyperkub »

Moliere wrote:Second hack exposed military and intel data
Hackers linked to China appear to have gained access to the sensitive background information submitted by intelligence and military personnel for security clearances, several U.S. officials said Friday, describing a second cyberbreach of federal records that could dramatically compound the potential damage.

The forms authorities believed to have been accessed, known as Standard Form 86, require applicants to fill out deeply personal information about mental illnesses, drug and alcohol use, past arrests and bankruptcies. They also require the listing of contacts and relatives, potentially exposing any foreign relatives of U.S. intelligence employees to coercion. Both the applicant's Social Security number and that of his or her cohabitant is required.

The officials spoke on condition of anonymity because the security clearance material is classified.

"This tells the Chinese the identities of almost everybody who has got a United States security clearance," said Joel Brenner, a former top U.S. counterintelligence official. "That makes it very hard for any of those people to function as an intelligence officer. The database also tells the Chinese an enormous amount of information about almost everyone with a security clearance. That's a gold mine. It helps you approach and recruit spies."
OPM Chinese hacker nabbed:
The FBI has arrested a Chinese national from Shanghai linked to the massive data breach that hit the Office of Personnel Management back in 2014 to 2015. Feds took the chance to nab Yu Pingan when he flew into the Los Angeles International Airport on Wednesday to attend a conference. He's now facing charges under the Computer Fraud and Abuse Act and accusations of conspiracy to defraud the United States. His circumstances and connection to the OPM breach are a bit convoluted, though, and the court papers filed to indict him didn't even mention the event.
Black Lives definitely Matter Lorini!

Also: There are three ways to not tell the truth: lies, damned lies, and statistics.
User avatar
LawBeefaroni
Forum Moderator
Posts: 55316
Joined: Fri Oct 15, 2004 3:08 pm
Location: Urbs in Horto, outrageous taxes on everything

Re: The Data Breach Thread

Post by LawBeefaroni »

Doing it old school:
Image
The health insurer Aetna is facing criticism for revealing the HIV status of potentially thousands of customers after it sent out a mailer in which information about ordering prescription HIV drugs was clearly visible through the envelope's clear window.
" Hey OP, listen to my advice alright." -Tha General
"No scientific discovery is named after its original discoverer." -Stigler's Law of Eponymy, discovered by Robert K. Merton

MYT
Freyland
Posts: 3041
Joined: Sat Jan 01, 2005 11:03 pm

Re: The Data Breach Thread

Post by Freyland »

"Facing criticism"...?

I suspect they will be "facing" a big pillow. Biting it, in fact.
Sims 3 and signature unclear.
User avatar
Max Peck
Posts: 13682
Joined: Fri Aug 05, 2005 8:09 pm
Location: Down the Rabbit-Hole

Re: The Data Breach Thread

Post by Max Peck »

Equifax says hack potentially exposed details of 143 million consumers
Equifax Inc (EFX.N), a provider of consumer credit scores, said on Thursday a hack exposed the personal details of potentially 143 million U.S. consumers between mid-May and July.

The company’s shares were down 5.4 percent in after-market trading

The company said criminals had accessed details including names, social security numbers, and, in some cases, driver’s license numbers.

In addition, credit card numbers of around 209,000 U.S. consumers and certain dispute documents with personal identifying information of around 182,000 U.S. consumers were accessed, the company said.

Equifax also said personal information of certain UK and Canadian residents were also hacked.

The Atlanta-based company it would work with UK and Canadian regulators to determine the next steps.

Equifax, which discovered the unauthorized access on July 29, said it had hired a cybersecurity firm to investigate the breach.

The company said there was no evidence of a breach into its core consumer or commercial credit reporting databases.
Three Equifax Managers Sold Stock Before Cyber Hack Was Revealed
Three Equifax Inc. senior executives sold shares worth almost $1.8 million in the days after the company discovered a security breach that may have compromised information on about 143 million U.S. consumers.

The credit-reporting service said late Thursday in a statement that it discovered the intrusion on July 29. Regulatory filings show that three days later, Chief Financial Officer John Gamble sold shares worth $946,374 and Joseph Loughran, president of U.S. information solutions, exercised options to dispose of stock worth $584,099. Rodolfo Ploder, president of workforce solutions, sold $250,458 of stock on Aug. 2. None of the filings lists the transactions as being part of 10b5-1 pre-scheduled trading plans.

Equifax said in the statement that intruders accessed names, Social Security numbers, birth dates, addresses and driver’s-license numbers, as well as credit-card numbers for about 209,000 consumers. The incident ranks among the largest cybersecurity breaches in history.

Equifax shares tumbled 6.2 percent to $133.90 in extended trading at 5:50 p.m. in New York. Marisa Salcines, a spokeswoman for the Atlanta-based company, didn’t immediately return a call for comment.
Good to see that they had their priorities straight when it came to managing the incident.
"What? What? What?" -- The 14th Doctor

It's not enough to be a good player... you also have to play well. -- Siegbert Tarrasch
User avatar
Blackhawk
Posts: 43493
Joined: Tue Oct 12, 2004 9:48 pm
Location: Southwest Indiana

Re: The Data Breach Thread

Post by Blackhawk »

I'm about half tempted to just publish everything about me online so I won't have to worry about the hacks anymore.
(˙pǝsɹǝʌǝɹ uǝǝq sɐɥ ʎʇıʌɐɹƃ ʃɐuosɹǝd ʎW)
User avatar
Anonymous Bosch
Posts: 10512
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Re: The Data Breach Thread

Post by Anonymous Bosch »

Freezing one's credit is a simpler, and safer option.
"There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences." — P. J. O'Rourke
Zenn7
Posts: 4447
Joined: Wed Dec 22, 2004 10:15 pm
Location: Michigan

Re: The Data Breach Thread

Post by Zenn7 »

If you go through their website they set up, you can enter your last name and last 6 of your Soc # to see if you have been impacted. Based on mine and wife's - they do not believe either of us has been impacted, but we can still sign up for 1 year of their free credit monitoring.

So... if they don't think you're in the 1/2 of the country that has been impacted, do you sign up for free credit monitoring from someone who just got hacked? :think:
User avatar
Anonymous Bosch
Posts: 10512
Joined: Thu Oct 14, 2004 6:09 pm
Location: Northern California [originally from the UK]

Re: The Data Breach Thread

Post by Anonymous Bosch »

Zenn7 wrote:If you go through their website they set up, you can enter your last name and last 6 of your Soc # to see if you have been impacted. Based on mine and wife's - they do not believe either of us has been impacted, but we can still sign up for 1 year of their free credit monitoring.

So... if they don't think you're in the 1/2 of the country that has been impacted, do you sign up for free credit monitoring from someone who just got hacked? :think:
Heh. I wouldn't put much faith in their automated website's ability to accurately determine or predict the risk of identity theft with any degree of accuracy. "An ounce of prevention is worth a pound of cure," particularly in terms of identity theft. I'd also steer clear of any 'credit monitoring' services, as they're little more than futile security theatre anyway.

A credit freeze remains the best way to protect yourself from identity theft, period and amen. Because it simply adds dual-factor authentication to the notion of establishing any new credit in your name. Think of it as adding a 'Blizzard Authenticator' to secure your identity and credit, rather than a Battle.net account.
"There is only one basic human right, the right to do as you damn well please. And with it comes the only basic human duty, the duty to take the consequences." — P. J. O'Rourke
User avatar
Rip
Posts: 26891
Joined: Tue Oct 12, 2004 9:34 pm
Location: Cajun Country!
Contact:

Re: The Data Breach Thread

Post by Rip »

Freyland
Posts: 3041
Joined: Sat Jan 01, 2005 11:03 pm

Re: The Data Breach Thread

Post by Freyland »

Max Peck wrote:Equifax says hack potentially exposed details of 143 million consumers
Equifax Inc (EFX.N), a provider of consumer credit scores, said on Thursday a hack exposed the personal details of potentially 143 million U.S. consumers between mid-May and July.

The company’s shares were down 5.4 percent in after-market trading

The company said criminals had accessed details including names, social security numbers, and, in some cases, driver’s license numbers.

In addition, credit card numbers of around 209,000 U.S. consumers and certain dispute documents with personal identifying information of around 182,000 U.S. consumers were accessed, the company said.

Equifax also said personal information of certain UK and Canadian residents were also hacked.

The Atlanta-based company it would work with UK and Canadian regulators to determine the next steps.

Equifax, which discovered the unauthorized access on July 29, said it had hired a cybersecurity firm to investigate the breach.

The company said there was no evidence of a breach into its core consumer or commercial credit reporting databases.
Three Equifax Managers Sold Stock Before Cyber Hack Was Revealed
Three Equifax Inc. senior executives sold shares worth almost $1.8 million in the days after the company discovered a security breach that may have compromised information on about 143 million U.S. consumers.

The credit-reporting service said late Thursday in a statement that it discovered the intrusion on July 29. Regulatory filings show that three days later, Chief Financial Officer John Gamble sold shares worth $946,374 and Joseph Loughran, president of U.S. information solutions, exercised options to dispose of stock worth $584,099. Rodolfo Ploder, president of workforce solutions, sold $250,458 of stock on Aug. 2. None of the filings lists the transactions as being part of 10b5-1 pre-scheduled trading plans.

Equifax said in the statement that intruders accessed names, Social Security numbers, birth dates, addresses and driver’s-license numbers, as well as credit-card numbers for about 209,000 consumers. The incident ranks among the largest cybersecurity breaches in history.

Equifax shares tumbled 6.2 percent to $133.90 in extended trading at 5:50 p.m. in New York. Marisa Salcines, a spokeswoman for the Atlanta-based company, didn’t immediately return a call for comment.
Good to see that they had their priorities straight when it came to managing the incident.
Is them selling their stock really an issue? I do note in the article the three cover themselves by saying they didn't know about the beach (uh huh). Regardless, be gentle, I'm ignorant about these rules.
Sims 3 and signature unclear.
Post Reply