Richard, whose wife had her Hotmail account swiped by a hacker, was able to get it back by calling Xbox Live customer service, of all people.
hackers
Ameriprise Bans "Customer Advisor" For Posting Link To Consumerist
By 9.21.09
Hey, we helped get an Ameriprise customer banned from the financial company’s consumer advisory panel! Sorry about that, Brendan.
Ameriprise Website Riddled With Security Vulnerabilities For At Least Five Months
By 8.21.09
[Note: The original headline for this post mistakenly identified Ameritrade as the subject of the post. It is actually Ameriprise Financial. I deeply regret the error.] Since March of this year, security expert Russ McRee of HolisticInfoSec.org has sent 6 messages to Ameriprise Financial warning them of easily exploitable security holes on their website. They ignored every request, while at the same time reassuring customers that “No one without the proper web browser configuration can view or modify information contained on our systems.”
Hackers Indicted For Stealing 130 Million Credit Card Numbers
By 8.18.09
130 million is a large number, but that’s how many credit card numbers a group of three hackers are alleged to have stolen from five different companies including 7 Eleven, Hannaford, and Heartland Payment Systems says the Department of Justice.
Hackers Discover Data-Stealing ATM At Convention
By 8.4.09
Nobody knows yet whether it was planted by an attendee, or if the ATM had been there for some period of time before the event, but hackers at last week’s DefCon conference in Las Vegas discovered a rogue unit that was designed to capture customers’ credit card data with each use.
Hacked Company: Notifying Customers Of Breach Is A "Burden"
By 7.27.09
Network Solutions, an e-commerce company, just experienced a data breach that resulted in them compromising 573,000 credit and debit card accounts. The company has begun to notify merchants of the breach so they can tell their customers, but gosh, it’s just so hard.
Some SSNs Can Be Guessed Using Birthdate And Location, Say Researchers
By 7.7.09
It turns out our Social Security numbering system, which launched in 1936, isn’t very foolproof against some types of hacking. The New York Times reports that researchers at Carnegie Mellon University “used statistical techniques to predict Social Security numbers solely from an individual’s date and location of birth.”
Meet The Virtual ATM Skimmers
By 6.22.09
Just when you thought that you and your ATM card data were safe from criminal eyes, Scientific American brings a different sort of threat. This time, the skimmers are inside the machine. Malware within the ATM itself harvests enough data to do some very bad things.
ImLive.com: Disputing An Erroneous $450 Porn Charge Is A "Serious Violation Of Our Terms Of Use"
By 5.16.09
Someone hacked reader E’s account on the adult site ImLive.com and bought up $450 worth of credits. By the time E. caught the charge, half of the credits had already been used. When E. informed the site that he was planning to file a chargeback with his credit card company, he was warned that doing so would be “considered a serious violation of our terms of use.” The site’s suggested alternative was simple: they would restore the used credits, and E. could watch lots and lots of porn.
8 Million Patient Records Stolen From Virginia State Database, Held For Ransom
By 5.5.09
The Washington Post says that a hacker encrypted 8 million patient prescription records from a Virginia state website last week, deleted the backups, and replaced the home page with a ransom note. If the state doesn’t pay $10 million within 7 days, the hacker has threatened to sell the data to the highest bidder.
Time Warner Cable Getting Slammed By Denial Of Service Attack
By 2.26.09
Time Warner Cable wants you to know that if you’re one of their customers — the slow speeds you’ve been experiencing are the result of a denial of service attack by nefarious hacker-types.
Ex-Countrywide Employee Sells Your Data, They Offer Credit Monitoring Service, Hang Up When You Ask For It
By 9.11.08
Re: Countrywide Sends Fraud Alert Letters: ‘Your Info May Have Been Sold,” Reader Esqdork writes, “Yesterday, I phoned Countrywide to get them to extend the credit monitoring service [that they offered in their apology letter] to my co-borrower and was promptly hung up on.” The only surprise here is that they even picked up in the first place.
Countrywide Sends Fraud Alert Letters: 'Your Info May Have Been Sold'
By 9.9.08
I received a letter from Countrywide today that says:
Redbox Shows Businesses How To Properly Handle A Data Breach
By 4.7.08
Redbox rents DVD movies via vending machine in drugstores and supermarkets throughout the country, and on Friday they announced that they’d found credit card skimmers attached to three of their kiosks. What’s surprising is that they ‘fessed up so quickly, and in a highly public manner—they’ve got the text “SECURITY ALERT” at the top and bottom of their website, and the email they sent to their members is detailed, forthright, and helpful, and reposted in its entirety—along with photos of sample card skimmers—on their site. Attempts at identity theft no longer surprise us, but a competent handling of the issue by a company is pretty amazing.
Comcast Tech Abuses Power To Rack Vegeneance On Xbox Hackers
By 4.2.08
DSL Reports has the story of an outsourced Comcast tech was fired after bragging online about using internal Comcast systems to get vengeance on hackers disrupting his Xbox. After annoying little twerps intentionally overloaded his Xbox with data (known as packet flooding), Mark Ribeiro, who describes himself as a “Comcast tier 2.5 support agent, which essentially means im one of the top 1% elitest agents,” went to work. First he identified one of the perps and found out he was a Comcast customer. Then he looked up the kid’s info in the Comcast support system and called the kid’s father…
Red Card! MLSGear.com Shoppers Exposed To Identity Theft
By 2.12.08
Computerworld is reporting that “a series of SQL injection attacks” on a third-party e-commerce company’s servers has compromised the personal data of customers who shopped at Major League Soccer’s MLSgear.com website. One affected customer told us he received a letter from MLSgear.com letting him know what had happened and offering him free credit monitoring services for a year, which is apparently the standing corporate response to personal data theft.
Geeks.com Website Hacked, Customer Data Stolen
By 1.7.08
If you bought anything from Geeks.com in at least the last year or so, you might want to start paying close attention to your credit card statements—the company sent out an email on Friday telling former customers that they “recently discovered on December 5, 2007 that customer information, including Visa credit card information, may have been compromised.” Full email after the jump.
Security Firm Says Hackers Can Access Vonage Calls
By 10.26.07
It’s not a good week for Vonage. VoIP Security firm Sipera has announced that they’ve discovered a vulnerability in Vonage’s equipment that can allow hackers to take control of user accounts to intercept calls, make calls via the accounts, eavesdrop, or launch DoS attacks. Although most VoIP systems are about as secure as sending IM messages over a public wifi network (that is, not secure at all), Vonage has a couple of special problems with its Motorola adapters not authorizing requests, which leaves a special door open for bad people doing bad things. The problem also affects adapters from Grandstream and Globe7.
