In the wake of two data breaches at hotels operating under the Trump Hotel Collection umbrella, the attorney general for the state of New York has reached a settlement with the company that involves a small financial penalty and promises of improved data security. [More]
data breaches
Report: Yahoo To Confirm Major Data Breach Affecting At Least 200M Accounts
By 9.22.16
UPDATE: Yahoo has now confirmed that at least 500 million users were affected in the breach, which took place in 2014. [More]
Kimpton Confirms Credit Card Info Stolen From More Than 60 Hotels
By 9.1.16
In July, boutique hotel chain Kimpton revealed it was investigating indications that its credit card payment system had possibly been the latest to fall victim to a data breach. Now the company has confirmed the bad news, announcing that the payment terminals at dozens of Kimpton hotels, restaurants and bars were compromised for nearly six months. [More]
Eddie Bauer Removed Malware From Payment Systems In All Of Its Stores
By 8.18.16
In today’s spin of the Wheel of Cybercrime, the affected business is…Eddie Bauer, a clothing and housewares retailer with more than 350 stores across the country. The company confirmed today that its point of sale systems were infected with malware, which has now been removed, and customers’ payment card information may have been compromised. [More]
Data Breach At 20 Hotels In 10 States May Have Exposed Guests’ Payment Card Data
By 8.15.16
The operator of several hotels across 10 states and Washington, D.C. — including Starwood, Marriott, Hyatt and Intercontinental locations — says guests may have had their payment data exposed by hackers who targeted the businesses with malware starting last year. [More]
Report: Wendy’s May Be Latest Victim Of Credit Card Data Breach
By 1.27.16
A burger and some chili or a baked potato seems like a great meal idea in this miserably snowy winter weather so many of us are having. Unfortunately, reports are saying that if you bought that tasty treat from Wendy’s with a credit or debit card recently, it may come with an unwanted side of fraud. [More]
Cox Receives $595K Slap On Wrist For Failing To Prevent Data Breach
By 11.5.15
In Aug. 2014, a hacker used a clever bit of social engineering to talk his way into accessing the personal information for an unknown number of Cox cable, Internet, and phone customers. For its failure to shield its system from this sort of outside invasion, the pay-TV company has agreed to pay $595,000 to the FCC. [More]
Former Ashley Madison Customer Sues Site Over “Army Of Fembots” With Fake Profiles
By 11.2.15
After hackers dumped a plethora of personal information about Ashley Madison’s 37 million subscribers online in August, the public has learned a lot about the dating site aimed at cheaters. Among the reported revelations: only about 15% of its users are women, contrary to the site’s marketing claims, a new lawsuit says. Adding insult to injury? The army of fembots scattered through the sites with fake profiles written by employees. [More]
Zoo And Museum Gift Shop Operator Confirms Details Of Payment Data Breach
By 10.15.15
Back in July, we shared the news that there was a possible payment data breach at numerous zoo and museum gift shops run by Service Systems Associates, a company that designs and runs cafeterias and gift shops for cultural institutions. The company has finally confirmed the breach and the dates that it happened: if you picked up a stuffed lion between March 24 and May 20 of this year, keep an eye on your credit card bills. [More]
Federal Data Breach Included 5.6M Compromised Fingerprints, Five Times The Original Estimate
By 9.23.15
Federal investigators underestimated the number of fingerprints stolen in a massive breach of the Office of Personnel Management earlier this year: the agency announced Wednesday that 5.6 million individuals’ finger prints were stolen, nearly five times the original estimate of 1.1 million compromised prints. [More]
Security Vulnerability In New Kardashian Websites Coughs Up User Info For 600K Subscribers
By 9.17.15
If you’re not up to date on all your reality TV star news, perhaps you aren’t aware that the Kardashian/Jenner sisters recently launched new mobile apps and redesigned websites to stay even more connected with their adoring hordes than before. But while the family’s popularity has seen hundreds of thousands of people signing up for those sites, a new report says the personal information for many of those subscribers was available — albeit briefly — to anyone with the know-how to get it. [More]
Ashley Madison Says People, Even Some Real Women, Are Still Signing Up For Cheating Site
By 8.31.15
We can understand why people continued to shop at retailers that have been hit by data breaches. You still need to buy groceries, clothing, housewares, etc. But what about a website whose main selling point is privacy? Even though AshleyMadison.com — the dating website for cheaters — has been publicly embarrassed by the posting of millions of users’ personal data, it claims that people are still signing up… and that they’re not all just dudes. [More]
Wyndham Hotels Loses Legal Battle With Feds Over Lax Security Practices
By 8.24.15
If a consumer-facing company, like say a massive hotel chain, touts its dedication to the security of customer information and then does something to repeatedly put that information at risk — like storing unencrypted credit card data on barely secure networks — can they be forced to share some of the blame when hundreds of thousands of credit card numbers are stolen? The hotel chain says that would be blaming the victim, but a federal appeals court has affirmed the Federal Trade Commission’s authority to go after businesses that fail to live up to their security promises. [More]
Cheating Website AshleyMadison.com Reportedly Made Nearly $2M/Year From Users Trying To Delete Accounts
By 8.19.15
One of the reasons that hackers first attacked AshleyMadison.com, the dating site for people looking to cheat, is because it charges upwards of $20 to users for a “Full Delete” service that scrubs their accounts and photos from the site; something it could just do without charging. Just how many people paid for this? Enough for the website to make nearly $2 million a year. [More]
Most Small Business Owners Aren’t Ready For Chip-And-PIN Credit Cards
By 8.6.15
Following a string of high-profile data breaches last year, Visa and MasterCard handed down a requirement that all merchants transition to the more secure chip-enabled credit card payment system by October of this year. While several major retailers have already made or are in the process of making the switch, a new report finds that many small business owners don’t even know about the deadline – or the potentially costly consequence of not meeting it. [More]
Hanes Website Is The Latest, Oddest Victim Of Data Breach
By 7.30.15
To be honest, we had no idea that you could buy Hanes underwear (and socks, shirts, etc) from the Hanes website, mostly because we’d never really thought to look at the Hanes website. But if you have been shopping at Hanes.com — and potentially at other sites in the Hanes Brands catalog — some of your information may have been compromised. [More]
Ashley Madison Says It’s Secured All Customer Data After Hack Attack
By 7.21.15
After a group of hackers posted a sampling of user data stolen from AshleyMadison.com, the parent company of the dating site for cheaters says it’s secured all customer information that was allegedly leaked. [More]
