Data Breaches news & analysis | SC Media

Data Breach

More details emerge on extent of ticketing company breach

Shubert theater company organization shines spotlight on customer data breach

Theater company The Shubert Organization has reportedly disclosed a data breach that compromised the personal information of its theater customers. A May 16 notification letter sent to impacted individuals says that an authorized party had accessed certain Shubert employees’ email accounts, which contained customer information including names and credit card numbers and expiration dates. The…

resizedimage250198-copy-files-_275977

HCL employee, customer files found open to public

The digital solutions firm HCL left accessible information belonging to some of its employees and customers. The breach was first noticed by UpGuard when it came across personal information and plaintext passwords for new hires, reports on installations of customer infrastructure, and web applications for managing personnel. Using a keyword search technique that trolls for…

Report: Hacking group wipes content from over 12,000 open MongoDB databases

In less than a month’s time, the “Unistellar” hacking group has reportedly accessed over 12,000 unsecured MongoDB databases and stolen their contents, apparently holding them for ransom. Security researcher Sanyam Jain initially discovered the wiped databases late last month using the BinaryEdge scanning service, according to a BleepingComputer report last Friday. The 12,564 sabotaged databases…

Breach of Stack Overflow’s production systems exposes data on roughly 250 users

An unauthorized party accessed Stack Overflow’s production systems earlier this month and executed privileged web requests that exposed information on roughly 250 public network users, the Q&A website for programmers announced last Friday. Stack Overflow Vice President of Engineering Mary Ferguson said in a May 17 blog post that the intruder exploited a bug in…

Donald Trump

Hackers add bogus scores to Trump’s U.S. Golf Association account

Hackers accessed President Trump’s U.S. Golf Association account and added four fake golf scores for games allegedly played at two courses. After being alerted to media reports, “as we dug into the data it appears someone has erroneously posted a number of scores on behalf of the GHIN user,” Golfweek cited Craig Annis, the managing…

New Jersey amends data breach law, expanding definition of personal info

New Jersey last week officially passed Bill S-52, which amends its previous data breach notification law. Governor Phil Murphy signed the bipartisan legislation into law on May 10, after the bill sailed through the state’s General Assembly and Senate last February. The new law expands the definition of what constitutes personal information that, if exposed in…

Boost Mobile breached

Boost Mobile was hit with a breach which affected an unknown number of customer accounts. “Boost.com experienced unauthorized online account activity in which an unauthorized person accessed your account through your Boost phone number and Boost.com PIN code,” the company said in a notification. “The Boost Mobile fraud team discovered the incident and was able…

Hackers access, steal info from 460K Uniqlo Japan online accounts

Hackers stole data, including partial credit card numbers, on 460,000 Uniqlo Japan online customers in an incident that took place between April 23 and May 10. “We deeply apologize to our customers and pledge to prevent this from happening again,” according to a statement from Fast Retailing Co., the parent of Uniqlo and GU Japan, which…

Next post in Data Breach