Senators Demand Answers of Mayer on Yahoo Data Breach
Six Democratic senators are demanding answers from Yahoo CEO Marissa Mayer about the massive data breach that the company disclosed last week. The legislators want to know when Yahoo discovered the breach, which occurred in 2014, and why it took so long to disclose it to the public. The Yahoo data breach involves information from […]
500 Million Users Affected by Yahoo Data Breach
Yahoo today confirmed that state-sponsored attackers compromised the company’s network in 2014, stealing data belonging to 500 million users. The stolen data includes names, email addresses, phone numbers, hashed passwords, dates of birth, and security questions and answers, some of which were unencrypted. Yahoo officials said it doesn’t believe that bank account data, payment card […]
Nearly All Top Global Companies Have Leaked Credentials Online
Many CSOs live in fear of waking up to an email reporting a data breach at their company, but the threat to an enterprise isn’t limited to a compromise of that specific organization. A new report shows that there are leaked employee credentials online for 97 percent of the top 1,000 global companies, many of which […]
Employee Password Compromise Leads to Breach at OneLogin
A password compromise of an employee at OneLogin, the identity and access management company, has led to a breach at the company that affected stored customer data that was supposed to be encrypted but was actually available in plaintext. The attack happened earlier this summer, and OneLogin officials say the attacker may have been on their […]
Opera Warns of Compromise of Password Sync Service
The makers of the Opera browser said attackers have compromised the servers that are used to house the data from users of Opera’s sync system, which synchronizes data between mobile and desktop installations. The attack was discovered last week, and officials at Opera Software said that they have sent an email to all of the sync […]
Eddie Bauer Hit With Massive Payment System Compromise
Malware infected the point-of-sale systems in all of Eddie Bauer’s stores in the United States and Canada for more than six months this year, stealing payment card data at the company’s 350 stores. The attack affects an untold number of customers who shopped in the stores between January and mid-July of 2016, but the company said […]
Breach at Hotel Operator HEI Targeted Payment Card System
Customers of 20 hotels from a variety of operators are being warned about a compromise of payment card systems at HEI Hotels and Resorts that resulted in the theft of a wide range of card data. The attack on HEI, which owns and operates hotels from a number of chains, including Marriott, Westin, Sheraton, and […]
Oracle Looking Into Micros Data Breach
Oracle is in the process of investigating a data breach that affects customers of its MICROS point-of-sale systems. The breach apparently hit the software giant sometime last month, and it involves the customer portal for MICROS users. Oracle, which purchased MICROS in 2014, has sent a letter to affected customers, warning them that the company is doing […]
Verizon DBIR Shows Focus on Credential Theft in Breaches
Attackers are continuing to refine their tactics and develop new tools, but in a lot of cases they still rely on tried-and-true methods such as phishing, social engineering, malware, keyloggers, and credential theft to achieve their goals. The 2016 Verizon Data Breach Incident Report shows that these tactics and tools are still among the most-used by […]