Past and current customers of a cosmetic surgery clinic are contacted by hackers making ransom demands, after they broke into its network and stole personal information.
Red faces at Microsoft after a security researcher discovered an internal customer support database had been left exposed for anyone on the internet to access – no password required.
Law enforcement agencies have seized control of the domain of WeLeakInfo, a website offering cheap access to billions of personal credentials stolen from approximately 10,000 data breaches.
Canadian online pharmacy PlanetDrugsDirect.com has contacted customers warning them that their data might have been exposed in what they euphemistically describe as a “data security incident”. Read more in my article on the Tripwire State of Security blog.
The man who hacked the UK National Lottery didn’t end up a winner, Japanese Love hotel booking tool suffers a data breach, and just what is 23andMe planning to do with your DNA? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Thom Langford.
The developer of a smartphone app has carelessly left a database accessible to anybody with an internet connection, leaving exposed a database of millions of records containing baby videos and photos, as well as the email addresses of users. Read more in my article on the Hot for Security blog.
You may have been expecting to reveal a lot by signing up as an adult webcam model, but I doubt this is quite what you had in mind.
DSG Retail, the parent company of Currys PC World and Dixons Travel, has been fined £500,000 for a hack which lasted from July 2017 to April 2018. But if the breach had lasted for just one month longer, they could have expected a much MUCH larger penalty.
The City of Waco has warned residents that their online payments for water services may have been intercepted by hackers who stole credit card details. Read more in my article on the Tripwire State of Security blog.
Women’s activewear retailer Sweaty Betty has emailed some of its customers warning that their payment card details may have been compromised by malicious code running on its website. Read more in my article on the Hot for Security blog.
A new AWS feature is supposed to help avoid accidental misconfigurations that could result in sensitive data being exposed, a company’s brand being damaged, and even – potentially – put its customers at risk. Read more in my article on the Bitdefender Business Insights blog.
The personal details of some past and present Palo Alto Networks employees – their names, dates of birth and social security numbers – have been exposed online. But is it really the company’s fault? Read more in my article on the Bitdefender Business Insights blog.
In this 20 minute clip from a special bonus episode produced for our Patreon supporters, Graham Cluley and Carole Theriault discuss the 2014 hack of Sony Pictures – reportedly carried out by North Korea for the very oddest of reasons…
Facebook and Twitter have announced that personal data related to hundreds of users may have been improperly accessed after users logged into third-party Android apps with their social media accounts. Read more in my article on the Tripwire State of Security blog.
Hackers have once again successfully compromised the website of Chinese phone manufacturer OnePlus, opening up opportunities for online criminals to target the company’s customers. Read more in my article on the Hot for Security blog.
British businessman Arron Banks, one of the self-styled “Bad Boys of Brexit” and a leading figure of the Leave.EU campaign, has had his Twitter account hacked.