Data Breaches news & analysis | SC Media

Data Breach

Twitter fixes API bug that shared data with wrong developers

By

Twitter on Friday disclosed that it fixed a bug in its Account Activity API (AAAPI) for app developers that may have mistakenly sent certain user data and content to the wrong developers who were not authorized to see this information. The AAAPI, which enables developers build tools that help customers communicate via Twitter, contained the…

Report: Hackers used data mining tool, network sniffer to steal Click2Gov information

By

The malicious actor behind a year-old campaign targeting the web payment portal Click2Gov appears to have been using a malicious webshell, data mining utility program and network sniffer to steal information from users, according to a new report from FireEye researchers. The researchers note that while the perpetrator’s tools and techniques are “generally consistent with other financially…

RussiaHack

Russian MagBo black market offers access to 3000 breached sites

By

Flashpoint researchers discovered a Russian speaking underground market place named “Magbo” selling access to approximately 3,000 breached sites for as little as 50 cents. The site allowed cybercriminals to purchase the exact breach they need depending on the website value with prices as low as 50 cents per access to $1,000 per access, depending on…

Newegg Magecart data breach possibly avoidable

By

The cyber gang Magecart added another notch to its keyboard managing to infiltrate online electronics retailer Newegg with payment card skimming malware, according to two reports, with industry experts weighing in that such attacks can be avoided through higher levels of vigilance by corporate cybersecurity teams. Magecart, which was tagged as responsible for the British…

Adams County clerk resigns over role in data breach

By

One month after being accused of maleficence regarding a data breach that impacted Adams County, Wis., earlier this year, County Clerk Cindy Phillippi has resigned. Phillippi’s resignation came the day before the county board, which has been investigating the breach since it was made public in August, was expected to vote to remove her from…

Cryptocurrency

Thieves nab $60 million in latest heist targeting Japanese cryptocurrency exchange

By

Another Japanese cryptocurrency exchange was hit as thieves made off with roughly $60 million worth of Bitcoin, Monacoin and Bitcoin Cash. The attack targeted Tech Bureau’s Zaif exchange and took place over a two-hour period on Sept. 14 however, the firm detected server problems on Sept. 17 and didn’t confirm the attack until the following…

Premera Blue Cross breached, info on 11 million customers at risk

Blue Cross and Blue Shield of Rhode Island and Independence Blue Cross report breaches

By

Blue Cross and Blue Shield of Rhode Island (BCBSRI) is blaming a vendor for a breach that compromised the personal health information of 1,567 people and Philadelphia-based Insurer Independence Blue Cross was breached in a separate incident. The unnamed vendor reportedly sent the member benefits explanations, also known as health-care services summaries, to the wrong BCBSRI…

14 million customer records exposed in GovPayNow leak

By

GovPayNow.com, a payment system used by thousands of federal and state government agencies in the U.S. and recently acquired by Securus Technologies, has leaked 14 million customer records. Information exposed includes the last four digits of payment cards, names, phone numbers and addresses, according to Brian Krebs, who discovered the leak. Anyone could view the…

Altaba settles Yahoo class action suits to the tune of $47 million

By

Altaba, the company created in the wake of Verizon’s purchase of Yahoo, reported in an SEC filing it has reached an agreement to settle three class action suits stemming from massive data breaches for $47 million. “We are… pleased to announce today that we have reached an agreement in principle (subject to court approval) to…

Amazon Logo

Report: Amazon employees under investigation for allegedly sharing internal data with merchants

By

Online mega-retailer Amazon reportedly has launched an investigation into employees who may have accepted bribes from independent merchants in exchange for sharing private corporate data. Citing sellers and brokers with knowledge of the practice, as well as people familiar with Amazon’s investigations, the Wall Street Journal reported yesterday that data being shared in violation of…

Next post in Cybercrime