For at least the fourth time this year, millions of consumers are being faced with some bad news: health insurer Excellus Blue Cross Blue Shield has announced the discovery of a major data breach in their systems. Over 10 million subscribers to Excellus and their partner services now have their most personal information — including medical claims records and social security numbers — stolen. [More]
hack attack
Ashley Madison Says People, Even Some Real Women, Are Still Signing Up For Cheating Site
By 8.31.15
We can understand why people continued to shop at retailers that have been hit by data breaches. You still need to buy groceries, clothing, housewares, etc. But what about a website whose main selling point is privacy? Even though AshleyMadison.com — the dating website for cheaters — has been publicly embarrassed by the posting of millions of users’ personal data, it claims that people are still signing up… and that they’re not all just dudes. [More]
Target Won’t Face SEC Charges Over Breach
By 8.26.15
Nearly two years after a massive data breach at Target left millions of consumers’ personal information at risk, the company announced it won’t face enforcement action from at least one government agency. [More]
Why The Stolen Ashley Madison Data Is (Legally) Fair Game For The Internet
By 8.25.15
If your credit card information gets stolen in a data breach, there are certain rules in place that limit your liability and protect you from fraud. But if a hack makes personal, potentially very embarrassing, information public — as in, say, the Ashley Madison hack — there’s not much anyone can do to stop others from seeing or writing about it. [More]
Wyndham Hotels Loses Legal Battle With Feds Over Lax Security Practices
By 8.24.15
If a consumer-facing company, like say a massive hotel chain, touts its dedication to the security of customer information and then does something to repeatedly put that information at risk — like storing unencrypted credit card data on barely secure networks — can they be forced to share some of the blame when hundreds of thousands of credit card numbers are stolen? The hotel chain says that would be blaming the victim, but a federal appeals court has affirmed the Federal Trade Commission’s authority to go after businesses that fail to live up to their security promises. [More]
Ashley Madison Offering $378,000 Reward For Info On Hackers
By 8.24.15
While big companies have been known to offer “bounties” to white-hat hackers to test for weaknesses in their networks and websites to ensure they aren’t one day breached in a cyber attack, it’s too late for AshleyMadison.com, the dating site for cheaters. After the embarrassment of having its users’ private information made very public, the site is now dangling several hundred thousand dollars as a reward for information leading to the arrest of the group behind the massive hack. [More]
Even More Ashley Madison Data, Including CEO’s E-Mails, Dumped Online
By 8.20.15
Just as you were finishing up examining all the dark corners to see if you could find any famous people hidden in the first 10GB AshleyMadison.com data dump, a second one — twice the size — has made its way online, complete with e-mails from the company’s CEO. [More]
Cheating Website AshleyMadison.com Reportedly Made Nearly $2M/Year From Users Trying To Delete Accounts
By 8.19.15
One of the reasons that hackers first attacked AshleyMadison.com, the dating site for people looking to cheat, is because it charges upwards of $20 to users for a “Full Delete” service that scrubs their accounts and photos from the site; something it could just do without charging. Just how many people paid for this? Enough for the website to make nearly $2 million a year. [More]
Very Personal Information For Over 30 Million Ashley Madison Users Set Loose On Internet In Wake Of Hack
By 8.19.15
Ashley Madison, the website for cheating cheaters who specifically want to go have an affair, was hacked in July. A day later, the company said that it was working to secure its users’ data and all personally identifiable data had been taken down. But perhaps the company is taking after the worst habits of its member base, because that too turns out to be a pack of dirty lies: the full data for over 30 million Ashley Madison accounts is now out there in the wild. [More]
Company Loses $197K In Cyberheist, Has To Bribe Chinese Police With Cigarettes & Cash To Get Some Of It Back
By 8.14.15
If someone steals nearly $200,000 from your business and you were able to track down the location of the thief, you’d hope the local police would be willing to arrest that criminal and help you get your stolen money back. But for one American business owner whose money had been illegally siphoned off by a Chinese company, it took payments of cigarettes and cash for the authorities to care. [More]
Regulators Investigating Harman Kardon After Remote Hack Of Jeep
By 8.3.15
UPDATE: A day after regulators announced they had opened an investigation into Harman Kardon to determine if vehicles – other than the recently recalled 1.4 million Fiat Chrysler models – equipped with certain infotainment systems were susceptible to remote hacks, the company assured investigators and consumers that the previously reported hack was an isolated incident. [More]
Hanes Website Is The Latest, Oddest Victim Of Data Breach
By 7.30.15
To be honest, we had no idea that you could buy Hanes underwear (and socks, shirts, etc) from the Hanes website, mostly because we’d never really thought to look at the Hanes website. But if you have been shopping at Hanes.com — and potentially at other sites in the Hanes Brands catalog — some of your information may have been compromised. [More]
Hacker Claims To Be Able To Take Control Of Any General Motors Car With OnStar
By 7.30.15
As we saw last week, the ability to remotely take control of a vehicle is a very real concern. While Fiat Chrysler recalled nearly 1.4 million vehicles and issued a patch related to some of its internet-connected cars, another automaker is now sitting in the precarious spot of potential hijack victim, as a hacker claims he can commandeer any of the company’s vehicles as long as they come with the OnStar system. [More]
Hackers Can Now Remotely Attack A Gun, Change Its Target, And Lock The Owner Out
By 7.29.15
Over the past few years we’ve heard a lot about the smart, connected devices that make up the internet of things. From ceiling fans to cars and cameras, they’re everywhere. Unfortunately, anything that can connect to the internet can be hacked through the internet… and now, it seems, that includes guns. [More]
Costco, Three Other Retailers Suspend Photo Sites After Third-Party Host Suffers Possible Breach
By 7.21.15
Less than a week after CVS took down its CVSphoto.com site while it investigates a possible credit card breach, at least four other retailers including Costco and Sam’s Club have suspended online photo services following notification by the company that manages or hosts photo services for the sites of a possible data breach. [More]
AshleyMadison.com, Dating Site For Cheaters, Hacked; User Info Posted Online
By 7.20.15
The parent company of AshleyMadison.com, a dating site that brazenly declares “Life is short. Have an affair,” is the latest subject of a massive data breach. Over the weekend, hackers posted a sampling of user data stolen from the site. [More]
CVS Takes CVSPhoto Site Down After Possible Credit Card Data Breach
By 7.17.15
If you’ve used your credit or debit card to purchase photo prints through CVSPhoto, you might want to pay attention. The drugstore chain has taken down CVSPhoto.com while it investigates a possible credit card data breach. [More]
Federal Data Breach Reportedly Affects An Additional 21 Million People
By 7.9.15
Remember when it was announced that more than four million federal employees in the country were part of a massive data breach last month? Well, turns out that was just one of two rather large data breaches to hit the Office of Personnel Management, with the newly announced second, larger hack affecting upwards of 21 million current and former employees, as well as prospective employees, their families and others who applied for federal background investigations in the last 15 years. [More]
