Update: It turns out the call was legit.
security
Airport Security Says Disabled Man Isn't "In Possession Of" His Luggage
By 3.27.09
Blogger Dave Hingsburger writes about a horrifying experience at the airport. Dave, who is disabled, was informed by airport security that because he was in a wheelchair, he wasn’t technically “in possession of” his luggage and that “some body” needed to attend to it. The security guard continued to argue with Dave until a pilot apologetically intervened. Well done, airport security. An Elephant Disappears (Photo: ringmaster006)
8,000 Comcast Passwords Exposed, Phishing Scam Suspected
By 3.16.09
The New York Times has reported that a list of over 8,000 Comcast user name and passwords were available to the public via Scribd for two months, before a Wilkes University professor discovered it over the weekend after doing a search for his identity online. Comcast is saying it looks like the result of a phishing scam and isn’t an inside job, and that there are so many duplicate entries on the list that it’s closer to 4,000 customers.
Another Month, Another Massive Credit Card Data Breach
By 2.23.09
Don’t be too surprised if you get a letter from your bank or credit union in the next few weeks telling you it’s replacing your credit card. If your data was among the latest set compromised, Visa and Mastercard are already alerting financial institutions so they can cancel the account number.
Direct Express Auto Transport Responds To Bad Reviews By Posting Reviewers' Personal Information Online
By 2.18.09
We write often about companies’ sleazy approaches to online reviews. Some companies bribe users for positive feedback. Others sue over negative reviews. Direct Express Auto Transport, however, is the first company we’ve seen that responds to bad reviews by sharing users’ personal information.
UPDATED: "My iPhone Is Missing, And Some Guy Is Taking Pics Of Himself With It!"
By 2.13.09
UPDATE 2: the phone has been returned!
DVD Planet Uses 'Ebay' For Password, Sends It To You Via Email If You Ask
By 2.13.09
Dear DVD Planet, you might want to sit down with the person who designed your customer account system and have a long talk. You know, about things like data security. After we posted this story yesterday about an Amazon shopper who was surprised to find you’d automatically created a barely secure account in his name with his data, another reader—this time a former eBay customer from nearly two years ago—decided to check whether you’d done the same thing to her. Yep! And the password was “Ebay.”
DVD Planet's Automatic Account Creation Raises Security, Privacy Issues
By 2.13.09
Joel says when he ordered a disc from DVD Planet via Amazon, the company automatically created an account for him on their website. The problem is that the default password they used was so easy to guess that he figured it out on the second try, and he suspects it’s the same password they use on every account. Once you guess it, you can see the customer’s past orders and credit card billing address. When Joel contacted them to have the account removed, he was told that wasn’t possible.
Qchex Shut Down, Scammers Everywhere Weep
By 2.10.09
ArsTechnica reports that a judge has ordered Neovi, the company behind Qchex, to immediately stop offering their service, which allowed people to create and send checks drawn on any bank so long as they provided the account info. As you can imagine, this led to abuse by scammers who would use Qchex to create fraudulent checks.
Best Buy Employee Arrested For Stealing Credit Cards
By 2.10.09
Uh oh, another Best Buy employee has been caught swiping data from customers. Unlike the woman last August who went on small time shopping sprees, this woman was caught using a card reader to swipe and store info on as many as 4,000 customers at the Best Buy store located at 1880 Palm Beach Lakes Blvd in Palm Beach, Florida.
Kroger Apologizes For Calling You A Thief, Banning You From Store For Buying And Eating Their Donuts
By 2.3.09
Every Saturday morning, Beth’s father walks to…
Robo Calls Die Fiery Death With Your Opt-Out
By 1.28.09
Asta la vista, robo callers! As of December, all pre-recorded sales calls need to have a way for consumers to opt-out of their mailing lists, either by pressing a button or saying something.No doubt this will happen at the end of the call. So the good news is that you have a way to get off their list. The bad news is…
Monster.com Hacked, User Names & Passwords Stolen
By 1.26.09
Last Friday, Monster.com announced that their database had been attacked, and that account names, passwords, email addresses, and phone numbers had been stolen. Unfortunately, they haven’t sent out email alerts to anyone—they just put the announcement up on the security section of their site. As our tipster Erica points out, “Given people’s tendencies to reuse passwords on multiple sites (BAD!), that they aren’t actively emailing and informing members of this breach is quite irresponsible.”
Credit And Debit Card Breach May Affect Over 100 Million
By 1.21.09
The Washington Post has reported that Heartland Payment Systems, a payment processor that services “more than 250,000 businesses,” has had more than 100 million transactions compromised via malicious software that was installed on its network; it will likely turn out to be the largest data breach ever reported. The “good” news is that the criminals were only capturing credit card numbers, the names on the cards, and expiration dates—the info encoded onto the magnetic strip on the card. Because no addresses, SSNs or PINs were stolen, the prospect of full-blown identity theft is pretty small—which must explain why Heartland isn’t offering any sort of credit monitoring package as compensation. Instead, their CFO says, “We recognize and feel badly about the inconvenience this is going to cause consumers.”
Fisher-Price Kiddie Camera Comes With Fun And A Computer Virus
By 1.3.09
Jeff says his kid’s new toy, a working camera from Fisher-Price, tried to give his computer a virus when he plugged it in!
Play Anti-Phishing Phil And Learn How To Spot Phishing Attacks
By 1.2.09
Phishing attacks are pretty cleverly designed, because they skip most virus checkpoints altogether and go for the true weak spot in human-computer interaction, the human. Lorrie Faith Cranor, a computer security researcher at Carnegie Mellon University, has been studying phishing attacks to identify new ways to fight them.
Tampa Bay Handcuffs And Ejects You For Rooting For The Opposing Football Team
By 12.29.08 — Updated: 3.18.13
Steve flew down to Tampa to watch his Raiders play the Buccaneers. After cheering for the away team, he was handcuffed, detained, frisked, and ejected with no explanation. He’d like one.
