data breaches – Page 14 – Computer Security Articles

Credit to Author: BrianKrebs| Date: Mon, 17 Sep 2018 21:57:39 +0000

Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.

Independent Krebs

September 4, 2018 admin

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Credit to Author: BrianKrebs| Date: Tue, 04 Sep 2018 17:22:41 +0000

mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware. Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. The database required no authentication.

Independent Krebs

August 28, 2018 admin

Fiserv Flaw Exposed Customer Data at Hundreds of Banks

Credit to Author: BrianKrebs| Date: Tue, 28 Aug 2018 13:27:55 +0000

Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned.

Independent Krebs

August 17, 2018 admin

Indian Bank Hit in $13.5M Cyberheist After FBI ATM Cashout Warning

Credit to Author: BrianKrebs| Date: Fri, 17 Aug 2018 19:27:10 +0000

On Sunday, Aug. 12, KrebsOnSecurity carried an exclusive: The FBI was warning banks about an imminent “ATM cashout” scheme about to unfold across the globe, thanks to a data breach at an unknown financial institution. On Aug. 14, a bank in India disclosed hackers had broken into its servers, stealing nearly $2 million in fraudulent bank transfers and $11.5 million unauthorized ATM withdrawals from more than two dozen cash machines across multiple countries.

Independent Krebs

August 12, 2018 admin

FBI Warns of ‘Unlimited’ ATM Cashout Blitz

Credit to Author: BrianKrebs| Date: Mon, 13 Aug 2018 00:28:11 +0000

The Federal Bureau of Investigation (FBI) is warning banks that cybercriminals are preparing to carry out a highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.

MalwareBytes Security

August 8, 2018 admin

White hat, black hat, and the emergence of the gray hat: the true costs of cybercrime

Credit to Author: Malwarebytes Labs| Date: Wed, 08 Aug 2018 14:00:00 +0000

Osterman Research recently completed a major survey on behalf of Malwarebytes to determine the actual cost of cybercrime to businesses. Here’s what we discovered.

Categories:

Tags: black hat business costs of cybercrime cybercrime data breaches gray hat Micahel Osterman Osterman report white hat

Independent Krebs

August 3, 2018 admin

Credit Card Issuer TCM Bank Leaked Applicant Data for 16 Months

Credit to Author: BrianKrebs| Date: Fri, 03 Aug 2018 15:48:53 +0000

TCM Bank, a company that helps more than 750 small and community U.S. banks issue credit cards to their account holders, said a Web site misconfiguration exposed the names, addresses, dates of birth and Social Security numbers of thousands of people who applied for cards between early March 2017 and mid-July 2018. TCM is a subsidiary of Washington, D.C.-based ICBA Bancard Inc., which helps community banks provide a credit card option to their customers using bank-branded cards.

Independent Krebs

August 1, 2018 admin

Reddit Breach Highlights Limits of SMS-Based Authentication

Credit to Author: BrianKrebs| Date: Thu, 02 Aug 2018 00:55:17 +0000

Reddit.com today disclosed that a data breach exposed some internal data, as well as email addresses and passwords for some Reddit users. As Web site breaches go, this one doesn’t seem too severe. What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security.