data breach

Major data breach hits Oracle’s MICROS point of sale platform

Oracle has suffered a major data breach affecting its MICROS POS payments systems.  The hack involved malicious code found on MICROS customer service systems.  The malware allowed hackers to access customer login information.   Early indications are that the attack originated in Russia. Oracle believes that individual transaction data was not compromised, but it is [...]

By |2017-11-18T15:32:37-05:00August 10th, 2016|data breach, data security, MICROS, Oracle|0 Comments

Possible massive Yahoo data breach includes userids, passwords and birthdates

Yahoo is investigating the claims of a hacker that 200 million+ Yahoo account credentials and personally identifiable information have been backed and are for sale on the dark web.  The hacker, who claims to also be associated with recent LinkedIn and MySpace data breaches, stated that the data is "most likely" from 2012. The hacker, [...]

By |2017-11-18T15:32:37-05:00August 3rd, 2016|data breach, data security, Yahoo|0 Comments

Resold/Repurposed computers and hard drives can be a rich source of confidential data for fraudsters

Data security firm Blancco Technology Group recently conducted an experiment whereby they purchased 200 used data drives, then conducted a forensic analysis to determine whether they contained confidential/personally identifiable information. The result?  67% contained personal information and 11% contained sensitive business data including emails, spreadsheets, social security numbers, strategic and planning information, and inventories.  36% showed [...]

By |2017-11-18T15:32:39-05:00June 29th, 2016|data breach, data security|0 Comments

MySpace data hack could be largest yet

MySpace announced this week that it was the target of a data hack, potentially involving 360 million accounts and over 400 million passwords.  (Editorial comment: who knew that MySpace was still that relevant?) Most of the hacked credentials were created before 2013, giving some hope that the passwords are stale because they have been changed [...]

By |2017-11-18T15:32:39-05:00June 1st, 2016|data breach, data security|0 Comments

Karma?: Hacker forum hacked

Nulled, a web community used by hackers to discuss their activities and market stolen data, has been hacked itself.   The website indicates it is "temporarily down for unscheduled maintenance". Apparently the hacked information includes data on more than 400,000 users, purchase records of stolen information, and thousands of posts providing details about potentially illegal [...]

By |2017-11-18T15:32:40-05:00May 17th, 2016|data breach, data security|0 Comments

Anatomy of a data breach: how common productivity tools exposed sensitive government data

The popular productivity tool Slack allows teams to collaborate, communicate and share information.  According to Slack's website, "everyone has a transparent view of all that's going on".  But when Slack is integrated with file management tools like Google Drive, sensitive data can be exposed. That's exactly what happened in a recent incident within the U.S. General Services Administration [...]

By |2017-11-18T15:32:40-05:00May 16th, 2016|data breach, data security, Google|0 Comments

Millions (or is that billions?) of login credentials hacked, setting the stage for increased identity theft, data breaches and system intrusions.

Initially reported by Hold Security's Alex Holden and expanded by Reuters, a Russian hacker claims to be in possession of over 1 billion account credentials including Google, Hotmail and Yahoo accounts.  If true, this would likely be the largest user credentials breach in history.  Google, Yahoo and the other providers are investigating but have not yet commented on [...]

By |2017-11-18T15:32:41-05:00May 5th, 2016|data breach, data security|0 Comments

April has been a tough month for data breaches. New report finds 85% of successful exploits are related to ten preventable vulnerabilities.

April is shaping up to be a big month for data breach revelations.  High profile incidents include the BeautifulPeople dating site (1.1 million users compromised), Lifeboat gaming site (7 million accounts),  essential oils seller doTerra (3 million customers) and Spotify (extent unknown), to name a few. The consequences are getting higher:  states including Tennessee and Nebraska are [...]

By |2017-11-18T15:32:41-05:00April 27th, 2016|data breach, data security|0 Comments

Data breach story with a happy ending? Sort of.

As detailed in this American Banker article, an FDIC employee who was leaving the agency copied over 40,000 records with PII onto a portable drive.  Although technically a data breach, the intent was apparently innocuous as the employee was copying various personal photos and other files (which probably shouldn't be on an FDIC work computer) on [...]

By |2017-11-18T15:32:41-05:00April 15th, 2016|data breach, data security, FDIC|0 Comments

Massive Turkey data breach affects nearly half of its citizens, is nearly double the size of the 2015 U.S. OPM breach

Yesterday's report of a massive data breach involving nearly half of the citizens of Turkey is the latest in a series of hacks designed to make a political or philosophical point.  In this case, the hacker (or "hacktivist") apparently had a beef with the Turkish government, although financial gain may also have been an objective.  While the [...]

By |2017-11-18T15:32:41-05:00April 6th, 2016|data breach, data security, EMV, PCI-DSS|0 Comments