Tag Archives: SecurityBreach
Sanders campaign regains access to DNC voter info (updated)
Vodafone hacker accesses banking data of two million customers in Germany
Vodafone has confirmed that hackers have accessed its servers in Germany, gaining access to personal information and bank details of approximately two million customers. The operator says the breach was a "highly sophisticated and illegal intrusion" that it believes was masterminded by an insider -- and indeed a suspect has already been identified and handed over to police. It's not often you hear about a successful raid on a mobile operator, which is why Vodafone believes it could only have been conducted by someone with an "inside knowledge of [its] most secure internal systems." Vodafone customers outside of Germany aren't affected, and those inside the country should already have been contacted. The company says credit card information, mobile phone numbers, passwords and PIN numbers were not accessed in the attack, although Vodafone is warning customers to be especially vigilant about potential phishing attacks in the future.
Filed under: Wireless
Via: Bloomberg
Ubisoft security breach exposes user data, account holders urged to update passwords
If you've ever signed up for a Uplay account, your information could now be in the hands of criminals. Ubisoft's confirmed that a security breach at one of its sites, now closed, has granted hackers access to sensitive user data (i.e., usernames, emails and passwords). Critically, no actual financial information was leaked, owing to the fact that Ubisoft doesn't retain personal credit or debit card account numbers on its servers. Regardless, the Assassin's Creed developer is taking proactive measures, contacting account holders directly and strongly advising them to update any related passwords. You can find the full email just after the break.
Facebook security bug exposed 6 million users’ personal information (update)
Today, Facebook announced a security bug that compromised the personal account information of six million users. In a post on the Facebook Security page, the site's White Hat team explained that some of the information the site uses to deliver friend recommendations was "inadvertently stored with people's contact information as part of their account on Facebook." When users downloaded an archive of their account via the DYI (download your information) tool, some were apparently given access to additional contact info for friends and even friends of friends. The post continues:
We've concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included and only people on Facebook - not developers or advertisers - have access to the DYI tool.
Facebook says it's temporarily disabled the DYI tool to fix the breach. We've reached out to the site for further comment; for now, read the official statement via the source link below.
Update: Facebook has responded to our inquiries and stated that while the bug was discovered earlier this month, "it had been live since last year." They immediately disabled the tool, fixed the bug and reenabled it within 24 hours of the bug's discovery. The bug was reported to them through a White Hat program for external security researchers.
Filed under: Internet, Facebook
Via: TechCrunch
Source: Facebook
Microsoft execs’ Xbox Live accounts hacked, investigation still underway
Microsoft has just confirmed that a group of hackers have indeed accessed the Xbox Live accounts of several of its past and present "high-profile" employees. News of the breach was first reported by Ars Technica, which itself had been the victim of a DoS attack this last weekend, potentially linked to the same group. Evidence pointing to hacking collective Team Hype's alleged involvement surfaced when videos depicting its efforts were found online; videos that demonstrated the group's reported use of illegally obtained Social Security data to gain access to and sell off Xbox Live user accounts. According to Microsoft's recently issued statement, the company's working with authorities to "disable this current method" and cut off the possibility of future attacks. For now, it appears this security compromise is unrelated to a UK incident which saw Microsoft's Xbox Entertainment Award voting app temporarily expose user data. We'll update you as soon as we hear more.
Filed under: Gaming, Microsoft
Source: Ars Technica
Blizzard suffers security breach, encrypted passwords and authenticator data compromised
According to a recent Blizzard security update, now might be a good time cook up a new password. Blizzard's security team found that its internal network has been illegally accessed, and answers to personal security questions, authenticator data and cryptographically scrambled Battle.net passwords have found their way into the perpetrator's hands. The team is confident, however, that the compromised data isn't enough to give the attacker access to user accounts, and says that there is no evidence to suggest financial data (credit cards, billing addresses and customer names) were accessed. Blizzard President Mike Morhaine recommends that users update their passwords all the same, and we couldn't agree more. Check out his official statement at the source link below and get that Diablo III account locked down.
Filed under: Internet
Blizzard suffers security breach, encrypted passwords and authenticator data compromised originally appeared on Engadget on Thu, 09 Aug 2012 19:48:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | CommentsMicrosoft fights back against Xbox Live account threats, begs you to update your security settings
Redmond's console gaming network may not have suffered a breach of security comparable to last year's PSN fumble, but that doesn't mean it hasn't braced for impact. According to Xbox Live General Manager Alex Garden, Microsoft has made great strides in account security by taking legal action against sites who share phished usernames and passwords, enacting two-step login verification for untrusted devices and pushing fresh security updates to devices. Even so, Garden says that many of Xbox Live's account protection measures rely on member profiles being up to date, and heartily encourages users to make sure their security information is accurate. Get the word directly from the horses mouth at the source link below.
Filed under: Gaming
Microsoft fights back against Xbox Live account threats, begs you to update your security settings originally appeared on Engadget on Thu, 19 Jul 2012 08:01:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | CommentsLinkedIn confirms security breach, ‘some passwords’ affected
Reports began swirling this morning that around six million passwords attached to LinkedIn accounts had been compromised, and after looking into the matter, the site has confirmed that "some of the passwords" attached to accounts of LinkedIn members have been affected. The network doesn't specify the number of passwords leaked, nor does it confirm the rumored count of six million. It does, however, promise that it will invalidate passwords of the hit accounts -- and vows to send an email to each affected user with instructions on how to reset their password, followed by another piece of correspondence explaining what happened. Below you'll find the company's official statement, as well as what it is doing to ensure its members are safe.
Continue reading LinkedIn confirms security breach, 'some passwords' affected
LinkedIn confirms security breach, 'some passwords' affected originally appeared on Engadget on Wed, 06 Jun 2012 16:14:00 EDT. Please see our terms for use of feeds.
Permalink | | Email this | Comments