Data Breaches news & analysis | SC Media Data Breach

Data Breach

target, data breach

Target files $74 million suit against Chubb over breach coverage

The Target has filed a lawsuit against Chubb with the retailer claiming the insurance carrier did not properly compensate it for costs incurred following the 2013 data breach. In the lawsuit Target said the requirement for its banks to replace its customers physical payment cards that were compromised “Constitutes ‘loss of use of tangible property…

Data breach compromises T-Mobile prepaid accounts

Wireless communications company T-Mobile has disclosed a data breach incident that impacts certain customers with pre-paid service accounts. “Our cybersecurity team discovered and shut down malicious, unauthorized access to some information related to your T-Mobile prepaid wireless account. We promptly reported this to authorities,” stated a notification that the Germany-based company posted online. Compromised information…

Unsecured server exposes 4 billion records, 1.2 billion people

Two security researchers have uncovered four billion records on 1.2 billion people on an unsecured Elasticsearch server impacting what is estimated to be hundreds of millions of people. The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and…

Leaky Gekko Group database exposes info on hotel brands, travelers

European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. The majority of the exposed data was collected by Gekko brands Teldar Travel, which provides a booking system…

github_1439470

Report: GitHub repository exposes WeWork customer contracts

Data belonging to clients of shared workspace company WeWork was reportedly left exposed and accessible to the public via GitHub, while a web portal separately leaked information on prospective customers. Mossab Hussein, security researcher from Dubian-based spiderSilk, discovered the data mismanagement and reported it to Vice/Motherboard, which published a report on the findings today. The…

Stolen GateHub and EpicBot credentials spotted on hacking forum

Millions of credentials stolen from the GateHub cryptocurrency wallet service and gaming bot provider EpicBot were reportedly posted on popular hacking forum site RaidForums last month, along with other personal information. Roughly 2.2 million accounts were affected – 1,408,078 of which belong GateHub users, while 816,662 were created by EpicBot users, according to security researcher…

macy's

Macys.com Magecart attack yields payment, personal info

Hackers accessed macys.com’s “Checkout” and “My Wallet” pages early last month and added malicious script to lift shoppers’ personal information, such as credit card data, then send it to a remote site. The company discovered the Oct. 7 hack on Oct. 15 when it observed “a suspicious connection” between macys.com and the remote website, the company said in…

police-and-computer

Data breach potentially endangers Fairfax, Va. police officers

About 1,800 people, including 500 Fairfax, Va., county police department employees, had their PII possibly exposed when a USB drive carrying the information went missing. The USB drive containing the full names, birth dates and Social Security numbers for the Fairfax police officers and other employees belonged to Police Chief Cynthia McAlister, who heads the…

Next post in Data Breach