Breaches & Exposures

ICANN removes domain applicants' details from website

ICANN is opening up the web to hundreds of more domains beyond the traditional .com and .net, but this week it failed to secure the personal information of applicants.

eHarmony may have suffered same fate as LinkedIn

By

Joining LinkedIn, dating website eHarmony said Wednesday that it is investigating the possible theft of its members' passwords.

Global Payments working to again validate its PCI compliance

By

For the first time, breached processor Global Payments disclosed on Tuesday that a number of card brands have removed the company from their approved list of service providers.

Connecticut community college hit with "zero-day" malware

By

Eighty-seven thousand people affiliated with Housatonic Community College may be open to identity theft after the institution became the second Connecticut school to experience a malware outbreak this year.

Visa warns of phone phishing after Global Payments breach

By

Visa is advising its customers to be wary of phone scams in which fraudsters request their credit card information under the guise that they need it for "security reasons" in light of the major data breach that affected Global Payments, according to a Tuesday alert from Visa.

Number of victims in state of Utah breach significantly rises

By

A misconfigured server is to blame for the attack, which impacted roughly 780,000 Medicaid and Children's Health Insurance Plan recipients.

LulzSec hacker reverses guilty plea for Sony Pictures attack

By

An accused member of the hacktivist group LulzSec pleaded guilty Thursday in federal court in Los Angeles to charges of hacking into the systems of Sony Pictures Entertainment, according to reports.

Hackers target Medicaid claim forms in Utah

By

Hackers, believed to be operating out of Eastern Europe, breached a server at the Utah Department of Health (UDOH) to access thousands of Medicaid records.

Attention executives: Make sense of security (finally)

Attention executives: Make sense of security (finally)

Boardrooms are finally buzzing with serious discussion around cyber security as countless high-profile breaches have produced massive loss.

Visa expels Global Payments following 1.5M-card breach

By

Global Payments, a major credit card processor based in Atlanta, is off Visa's approved list after it confirmed it was breached of some 1.5 million card numbers. The incident, however, is still shrouded in some mystery.

RockYou to pay FTC $250K after breach of 32M passwords

By

The FTC seemed most upset with RockYou's failure to protect the personal information of 179,000 children who registered to use the site.

LulzSec redux dumps data after raiding military dating site

By

Hackers calling themselves "LulzSec Reborn" have claimed responsibility for two breaches that resulted in the dumping of personal information.

Michigan union employees' data exposed

By

The personal information of more than 1,000 public employees of Wayne County, Mich., was exposed when a spreadsheet containing their data was inadvertently attached to an email blast.

University of Tampa sustains breach of Social Security numbers

By

The college blames a "server management error" for the public posting of confidential information of tens of thousands of students, faculty and staff.

Data breach costs drop for first time in study

By

Organizations now pay an average of $194 per breached record, the first time the annual Symantec-Ponemon Institute "Cost of a Data Breach Study" noted a drop since its inception in 2006.

Porn site Digital Playground hacked to expose card numbers

By

Online hackers have compromised two adult websites, including the very popular YouPorn, in recent weeks, apparently to highlight weak security.

Lawsuits in Sutter Health breach to be rolled into one

By

Following the theft of a computer at Sutter Health in October that put the personal information of more than 4.2 million patients at risk, 11 class-action lawsuits were filed against the Sacramento, Calif.-based nonprofit.

Sponsors say new Senate cyber bill less costly for business

By

A group of Republican senators on Thursday introduced a competing bill to the bipartisan Cybersecurity Act of 2012, which was unveiled two weeks ago.

Hacktivism endures

Hacktivism endures

By

The threat posed by politically motivated attackers, known as hacker activists, or hacktivists, is far-reaching, yet authorities are finding it difficult to take down a structurally decentralized movement.

Hacking now responsible for most of exposed records

By

Until last year, lost and stolen laptops were to blame for the largest percentage of breach types. Now, hacking has claimed the top spot.

Patient data available on Google, Yahoo due to security mishap

By

The health records of more than 30,000 patients at five California hospitals may have been publicly accessible via search engines due to improper server configurations.

Podcast: The probability of a data breach lawsuit

By

If a data breach occurs, when are companies more likely to be sued by consumers or employees? A Carnegie Mellon University researcher joined me on the SC Magazine Podcast to discuss.

Stratfor subscribers targeted by malware-ridden emails

By

A letter addressed to the stolen email addresses of Stratfor customers claims to be a helpful reminder of malware scams, but is actually bait to spread the Zbot trojan.

Breaches aided by weak passwords, poor AV detection

By

Trustwave's annual review of its data breach response investigations concluded that franchises are now the prime target for hackers seeking customer data, such as credit card numbers.

Phishing email leads to Denver area health care breach

By

Hackers may have accessed the personal health data belonging to patients of Denver area-based Metro Community Provider Network, a nonprofit health care provider for low-income individuals and families.

Anonymous raids law firm over its defense of Marine

By

Anonymous stayed busy on Friday with the dump of 300 GB of emails and other communications, lifted from the law firm representing a U.S. Marine who recently escaped jail time for his role in a 2005 massacre.

Security breaches impacting VeriSign emerge in filing

By

The company responsible for ensuring that users reach the website they intend to reach admitted in an SEC filing that its network was breached numerous times in 2010.

Indiana University hospital hacked to steal data

By

Malware may have allowed attackers to make off with the personal information of thousands of people connected to Indiana University Health Goshen Hospital.

Univ. of Hawaii settles with 98,000 over five breaches

By

The largest class-action settlement in Hawaii's history is related to data breaches at University of Hawaii campuses.

Symantec admits stolen source code impacts pcAnywhere

By

Big Yellow has done an about-face in light of new analysis that confirms users of its pcAnywhere software may be at risk to attack due to the disclosure of source code.

Sign up to our newsletters

POLL