data breach

bitdefender.com

Ex-Yahoo employee avoids jail, despite hacking 6000 accounts, and stealing nude photos and videos

A former employee of Yahoo has been sentenced and ordered to pay a fine after exploiting his privileged access to hack into the personal accounts of thousands of Yahoo users, in his hunt for naked photographs and videos of young women.

Read more in my article on the Hot for Security blog.

Hackers hijack Twitter account of Russia’s Ministry of Foreign Affairs, offer to sell stolen data

A hacked Russian government Twitter account offers to sell a tourist database for 66 bitcoins (approximately US $499,000).

Websites of eight US cities poisoned by malware skimming the credit card details of residents

Beware if you’re paying your bills for local government services – the payment information you type into that web form may be heading straight to cybercriminals.

bitdefender.com

Voice recordings from domestic violence alerting app exposed on the internet

A smartphone app, disguised as a regular app delivering the top world, sports, and entertainment news, containing a secret feature that allows victims of domestic abuse to send a covert distress call for help at the touch of a button.

What could possibly go wrong?

Read more in my article on the Hot for Security blog.

Smashing Security podcast #184: Vanity Bitcoin wallets, BlueLeaks, and a Coronavirus app conspiracy

A conspiracy spreads on social media about Coronavirus tracing apps, US police find decades’ worth of sensitive data leaked online, and is there a Bitcoin bonanza to be had from watching Elon Musk YouTube videos?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by Graham Cluley and Carole Theriault, joined this week by the BBC’s Zoe Kleinman.

bitdefender.com

DDoSecrets thrown off Twitter after distributing 269GB BlueLeaks data dump

The activist group Distributed Denial of Secrets, perhaps better known by their shorter but clumsy moniker DDoSecrets, has been permanently banned from Twitter.

Read more in my article on the Hot for Security blog.

Stalker Online hacked! Over one million gamers’ passwords made available for download

More than one million players of the video game Stalker Online have been put at risk after hackers offered them for sale on the darknet.

bitdefender.com

Credit-card skimming malware hit websites as Coronavirus lockdown forced retailers to close high street stores

On March 20th, the Claire’s accessories retail chain beloved by young girls around the world made the sensible decision to close all of its physical stores in response to the Coronavirus Covid-19 pandemic.

A nuisance for shoppers, certainly. But also an opportunity if you were a malicious hacker.

Read more in my article on the Bitdefender Business Insights blog.

tripwire.com

Babylon Health app leaked patients’ video consultations

Babylon Health, makers of a smartphone app that allows Brits to have consultations with NHS doctors, has admitted that a “software error” resulted in some users being able to access other patients’ private video chats with GPs.

Read more in my article on the Tripwire State of Security blog.

Smashing Security podcast #182: Space Force, credit card fraud, and beep-ti-beep

Graham finds himself in hot water with a security firm after a data breach, Carole discusses credit card fraud, and we have a pleasant surprise for Thom Langford, who appears to have mostly agreed to be a guest to promote his own podcast.

All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown’s Thom Langford.

Nintendo warns 300,000 accounts have been hacked since early April

Video gaming firm Nintendo has warned customers to not reuse passwords on different services after releasing an increased tally of compromised accounts since April.

After threatening me with legal action, Keepnet Labs finally issues statement over data breach

UK security company Keepnet Labs has finally publicly confirmed that a database it had collated containing more than five billion records from past data breaches was “briefly exposed” on the internet.

bitdefender.com

26 million LiveJournal users warned that their passwords have been breached

On underground criminal marketplaces the email addresses and plaintext passwords of over 26 million LiveJournal blogging accounts are being traded, despite LiveJournal’s owners refusing to acknowledge that any security breach has occurred.

Read my article on the Hot for Security blog.

How EasyJet customers could make money out of the airline being hacked

If you were one of the many EasyJet customers who received an email from the airline disclosing that your personal information may have been accessed by hackers, you might be eligible for compensation.

Here’s one way you might try to do that.

bitdefender.com

As hackers sell 8 million user records, Home Chef confirms data breach

Meal kit and food delivery company Home Chef has confirmed that hackers breached its systems, making off with the personal information of customers.

But only after a hacking group put the stolen data up for sale…

Read more in my article on the Hot for Security blog.

EasyJet’s breach notification email to customers – a closer look

Let’s take a closer look at the email EasyJet is sending to customers affected by its recent security breach.

Including a brief exploration of how EasyJet’s definition of “recent” might differ from yours or mine…