UPDATEOhio State University warned those who have had contact with the University that a server containing personally identifiable data was illegally accessed by a third party and may have exposed data on 760,000 people.
Browsing Tag: data breach
UPDATEMcDonald’s has served billions of hamburgers, but thousands of those customers may be regretting their patronage, after the fast food giant acknowledged that contact information for an unknown number of customers was stolen from a third party e-mail marketing firm it uses.
By Jeremiah Grossman, CTO, WhiteHat Security[img_assist|nid=3078|title=|desc=|link=none|align=left|width=100|height=100]Everyone sounded the alarms at the Gawker Media attack, which included a security breach of websites such as Gizmodo, Lifehacker, Kotaku, io9, and others. The numbers were impressive: 1.3 million user accounts exposed, 405 megabytes of source code lost, and perhaps more important to some, the identity of those leaving anonymous comments potentially revealed. For Gawker, there is a loss of trust that will be difficult to regain. Users are already clamoring for the ability to delete their accounts. And, on the technical side, all Gawker’s systems will need to painstakingly audited or rebuilt entirely from scratch to prevent the same thing from happening again. Happy Holidays indeed.
A recent internal audit at NASA, the U.S. space agency, found significant weakness in the way the agency disposes of IT equipment, including evidence that used hard drives containing sensitive NASA data may have been sold to the public on the secondhand market.
OK. It’s been just over a week since information leaking Web site Wikileaks released the first installment of leaked U.S. diplomatic cables, with each day bringing new documents from the purported hoard of some 250,000 pages, and new developments from a range of very pissed off Western governments.
The main server used to distribute the open-source ProFTPD software was compromised over the weekend through the use of a bug in the FTP software itself, and a backdoored version of the software was uploaded and distributed for several days as a result.
The Web site of Wikileaks was moving quickly to stay out of the way of large scale denial of service attacks on Sunday and Monday, following the release of a trove of sensitive U.S. diplomatic cables. The controversial site, which has spent months trying to find a home secure from government seizure, now appears to be hosted on servers that are part of U.S. firm Amazon.com’s giant hosted Web Services infrastructure based in Seattle, Washington.
By Dave Merkel
I’m a dirty vendor. That
may not be the best way to start a serious dialogue about security product
effectiveness, but I hate to read a post on security theory by some insincere
tie-wearing wonk only to discover afterwards that he or she is Lord High Poobah
of Marketing at “Scaring You For Profit, Inc.”
So I’ll just tell you who and what I am up front. I may have to wear the
tie, but I don’t have to be that guy.
Continue at your own risk.
A ten year veteran of the U.S. automaker Ford Motor Company pleaded guilty in federal court on November 17 to charges that he stole company secrets, including design documents, worth more than $50 million and sharing them with his new employer: the Chinese division of a U.S. rival of Ford’s.
As part of its continuing focus on collecting information on data breaches and thefts, Verizon Business has released VERIS Community application, a new application that enables security professionals to enter anonymous information about an incident and receive a detailed report in return.