breach

Latest

  • Adobe says attackers compromised 2.9 million accounts, stole source code

    by Jon Fingas
    10.03.2013

    If you've recently bought an Adobe product, you'll want to keep an eye out for suspicious financial transactions in the near future. The company says that attackers have compromised 2.9 million customer accounts, including their (thankfully encrypted) credit and debit card numbers. Hackers also took source code for certain apps, including Acrobat and ColdFusion. The two attacks might be related, according to Adobe. While the firm doesn't believe that the culprits have any unencrypted banking info, it's not taking chances: it's resetting passwords for affected users, warning them of financial risks and offering free credit monitoring. The breach won't necessarily hurt customers in the long run, but it isn't going to help Adobe's attempts to move its user base to subscription services.

  • Sony agrees to pay £250K fine in UK for 2011 data breach, begrudgingly

    by Timothy J. Seppala
    07.15.2013

    Remember the 2011 attack that crippled Sony's PlayStation Network, leaked almost a quarter million users' information and generally was a nuisance? It's still cleaning up after that mess. Earlier this year, the UK's Information Commissioner's Office (ICO) slapped the company's European wing with a £250,000 fine ($377,575), saying it should have been better prepared for the attack -- now Sony's agreed to pay up. The electronics giant still maintains that the charge is without merit, but ceded to the penalty to avoid disclosing details about its security procedures. Apparently, the two months of free PS+ wasn't enough to make everybody forget.

  • ArmA 2 dev's website hacked, user passwords reset

    by Danny Cowan
    07.12.2013

    ArmA series developer Bohemia Interactive reports that its website was hacked, resulting in unauthorized access to a database containing user login details. Bohemia has reset all of its users' passwords as a precautionary measure. Bohemia assures that credit card information was not stored on its servers, and was not accessed as a result of the breach. In addition, all stored passwords were encrypted, making it "very unlikely that anything nefarious can be done with this information." Affected users can request a new password here.

  • iPhoneDevSDK responds to attack

    by Erica Sadun
    02.20.2013

    Yesterday, Apple disclosed it had been targeted by a malware attack, apparently related to a recent Facebook breach. Apple issued a statement regarding the situation: "The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers. We identified a small number of systems within Apple that were infected and isolated them from our network. There is no evidence that any data left Apple. We are working closely with law enforcement to find the source of the malware." By the end of the day, Apple had released a security update addressing the breach. An AllThingsD write-up discovered the software developer website in question. It turned out to be the iPhoneDevSDK community. Today, iPhoneDevSDK responded: "What we've learned is that it appears a single administrator account was compromised. The hackers used this account to modify our theme and inject JavaScript into our site. That JavaScript appears to have used a sophisticated, previously unknown exploit to hack into certain users' computers... We're still trying to determine the exploit's exact timeline and details, but it appears as though it was ended (by the hacker) on January 30, 2013." The site, which only became aware of the situation after seeing the AllThingsD post, is now working with Facebook, the Vanilla forums host and law enforcement.

  • Rumor: Origin hacked, EA denies intrusion [Updated]

    by Justin Olivetti
    11.14.2012

    If you have created an EA Origin account for any reason, such as for Star Wars: The Old Republic or Ultima Online, we advise you to change your password posthaste. Numerous sites are reporting that hackers have breached Origin's security and are potentially modifying account information and stealing it. Allegedly affected players claim that the hackers are changing the log-in emails associated with their accounts and that the new email addresses have a Russian suffix. In response to a question about whether any accounts were compromised by hacking, an EA spokesperson made the following statement: "At this point, we have no reason to believe there has been any intrusion into our Origin database." EA has updated us with its full security statement: Anytime a player has a question about the security of his or her account or personal data, we take it very seriously and take all possible steps to help. For any customer who cannot access their Origin account for any reason, we ask them to please contact Origin Help or EA's customer experience group at help.ea.com. The robust security measures in place to protect Origin users accounts are constantly being expanded and upgraded, and we also strongly recommend customers take the protective steps of using strong passwords and changing passwords often.

  • Blizzard faces class action suit over account authenticators

    by Mike Suszek
    11.10.2012

    Blizzard Entertainment is facing a class action lawsuit over the sale of its Battle.net authenticators, which are used to provide security for player account information for games such as World of Warcraft and Diablo 3. The suit, filed by the law firm Carney Williams Bates Pulliam & Bowman, PLLC in the Central District of California, alleged that the authenticators were needed by players "in order to have even minimal protection for their sensitive personal, private, and financial data." The lawsuit referred to an August security breach in which no financial user data was reported to be stolen. The class action suit posited that Blizzard practiced "deceptive upselling," in that it allegedly failed "to disclose to consumers that additional products must be acquired after buying the games in order to ensure the security of information stored in online accounts that are requisites for playing." A Blizzard representative told Forbes that "this suit is without merit and filled with patently false information, and we will vigorously defend ourselves through the appropriate legal channels." The representative said the use of the authenticator tool was optional for players, and offered players "an added level of security against account-theft attempts that stem from sources such as phishing attacks, viruses packaged with seemingly harmless file downloads, and websites embedded with malicious code." Blizzard's statement continued, "the suit's claim that we didn't properly notify players regarding the August 2012 security breach is not true. Not only did Blizzard act quickly to provide information to the public about the situation, we explained the actions we were taking and let players know how the incident affected them, including the fact that no names, credit card numbers, or other sensitive financial information was disclosed."

  • Foxconn admits child labor laws breached by use of underage interns

    by James Trew
    10.16.2012

    Foxconn has admitted that it employed underage interns in breach of China's child labor laws. An internal investigation at its Yantai factory found some of the young trainees were aged 14- and 15-years old (16 being the legal minimum). In a statement received by CNET, the company advised that "this is not only a violation of China's labor law, it is also a violation of Foxconn policy and immediate steps have been taken to return the interns in question to their educational institutions." This comes as a further blow to the firm's employment record, after recent riots breaking out and strikes over iPhone 5 quality standards. These interns were sent to the facility from schools, with Foxconn carrying out full investigations with the relevant educational bodies to try to work out how this was allowed to happen. The tech manufacturer has been keen to accept responsibility for its part in the situation, advising strong action will be taken against any full-time members of staff found to have played a part in the breach.

  • EA and Origin plug up unintended game giveaway

    by Mike Schramm
    10.15.2012

    EA hosted a survey this past weekend that, when finished, awarded a nice prize: A code to download one free game, under $20, on the company's digital distribution site Origin. Just a few things went wrong, however. It turns out the codes distributed weren't matched up to a specific Origin account; they could be used by anyone. Oh, and the codes worked multiple times, which means users could download as many under-$20 games as they wanted. Oh, and one more thing: Reddit figured all of this out. As you can imagine, all hell broke loose on Origin, as what must have been thousands of users downloaded games like Dead Space 2, Burnout Paradise, Sim City 4, and Mass Effect 2 for exactly zero dollars. The site went down, and when it came back up the codes (which were supposed to work until October 21) had been disabled. Not only that, but all promo codes have been disabled for the time being, apparently. There's no word on if EA will still honor the codes from the survey [see update: They will], or if there will be a new system in place at all, but we can almost guarantee that whatever solution EA comes up with, the IT team will probably have double- and triple-checked it for security, just to be sure. We've contacted EA for comment on what its plans are, and will let you know if we hear anything more. Update: EA has gotten back in touch to say that those users who completed the survey will be getting new codes via email soon, to provide the specified discount. In other words, no more stealing allowed.

  • European Commission set to fine Microsoft over 2009 browser compliance breach

    by James Trew
    09.27.2012

    The European Commission is planning to fine Microsoft for its failure to adhere to a 2009 ruling that required the software giant to offer customers a choice of default web browser. The EU Competition Commissioner, Joaquin Almunia, advised the press that a formal proceeding into the breach -- which Microsoft itself acknowledges -- has begun. Reuters reports that, should Microsoft be found on the wrong side of the law, the resulting fine could be as much as 10 percent of its global turnover. Whether the end sum would be as high as this remains to be seen, but given recent events, you can expect some hurried shuffling of paper in Redmond's accounts department.

  • Yahoo confirms server breach, over 400k accounts compromised

    by Michael Gorman
    07.12.2012

    Online account security breaches are seemingly commonplace these days -- just ask LinkedIn or Sony -- and now we can add Yahoo's name to the list of hacking victims. The company's confirmed that it had the usernames and passwords of over 400,000 accounts stolen from its servers earlier this week and the data was briefly posted online. The credentials have since been pulled from the web, but it turns out they weren't just for Yahoo accounts, as Gmail, AOL, Hotmail, Comcast, MSN, SBC Global, Verizon, BellSouth and Live.com login info was also pilfered and placed on display. The good news? Those responsible for the breach said that the deed was done to simply show Yahoo the weaknesses in its software security. To wit: We hope that the parties responsible for managing the security of this subdomain will take this as a wake-up call, and not as a threat. There have been many security holes exploited in Web servers belonging to Yahoo Inc. that have caused far greater damage than our disclosure. Please do not take them lightly. The subdomain and vulnerable parameters have not been posted to avoid further damage. In response, Yahoo's saying that a fix for the vulnerability is in the works, but the investigation is ongoing and its system has yet to be fully secured. In the meantime, the company apologized for the breach and is advising users to change their passwords accordingly. You can read the official party line below. At Yahoo! we take security very seriously and invest heavily in protective measures to ensure the security of our users and their data across all our products. We confirm that an older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords was stolen yesterday, July 11. Of these, less than 5% of the Yahoo! accounts had valid passwords. We are fixing the vulnerability that led to the disclosure of this data, changing the passwords of the affected Yahoo! users and notifying the companies whose users accounts may have been compromised. We apologize to affected users. We encourage users to change their passwords on a regular basis and also familiarize themselves with our online safety tips at security.yahoo.com.

  • Student hacks into Facebook, gets eight months in prison, twelve likes

    by James Trew
    02.19.2012

    The next time you get caught hijacking your friend's Facebook, remember it could be worse. On Friday, British student Glenn Mangham was sentenced to eight months in not-so-social jail for hacking deep into Facebook's servers. Apparently no user details were taken, with Mangham heading straight for "invaluable" intellectual property instead. Facebook alerted the authorities after it discovered the breach last May; the FBI then followed the digital thread back to the Briton's UK address. It's believed Mangham gained access to the inner sanctum after hacking into a Facebook employee's account, though it's not known if the comedy status update and embarrassing profile picture were also part of the attack.

  • Hacker spites Symantec, puts pcAnywhere's source code out in the open

    by Michael Gorman
    02.09.2012

    Symantec said that folks running its pcAnywhere utility were at an "increased risk" when it revealed that the company had been hacked and its source codes pilfered, and advised customers to stop using pcAnywhere for the time being. Sage advice, as a hacker with the handle YamaTough -- who's affiliated with Anonymous -- helped do the deed and has now published the code for all the world to see. Apparently, the hacker and hackee had attempted to broker a deal for $50,000 to keep the code private, but neither side negotiated in good faith -- YamaTough always intended to release the code, and law enforcement was doing the talking for Symantec to catch him and his hacking cohorts. The good news is, Symantec has released several patches to protect pcAnywhere users going forward. As for the stolen code for Norton Antivirus, Internet Security and other Symantec software? Well, the company's expecting it to be disclosed, too, but because the code is from 2006, customers with current versions can rest easy.

  • Source code theft prompts Symantec to issue warning to customers

    by Andrew Munchbach
    01.26.2012

    Security software publisher Symantec has confirmed it was the victim of a cyber attack, resulting in the theft and disclosure of product source code. Earlier this month, the online-collective Anonymous stated, via Twitter, that it possessed portions of the code in question and planned to release it in support of a class-action lawsuit filed by consumers -- the suit claims Symantec employed scare tactics to encourage users to purchase its wares. Via its website, the company affirmed Anonymous' claims, citing a source code heist dating back to 2006. The post goes on to suggest that users running Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks, Symantec Endpoint Protection 11.0, or Symantec AntiVirus 10.2 apply the latest maintenance patches. If you have the company's pcAnywhere solution deployed, Symantec suggests only using it for "business critical purposes," as this software is "at increased risk." Those looking to stay up-to-date on the breach and what Symantec is doing to ameliorate its effects can get the blow-by-blow from the source link below.

  • O2 data breach potentially shares your cellphone number with the world (Updated)

    by Daniel Cooper
    01.25.2012

    There's an alarming rumor circulating that suggests that UK network O2 forwards your phone number to any website visited on a smartphone. Lewis Peckover built a site that displays the header data sent to sites you visit, finding a network-specific field called "x-up-calling-line-id" which displayed his number. Angry users who tested the site have flooded the company's official Twitter, which is currently responding with: "Security is our top most priority, we're investigating this at the moment & will come back with more info as soon as we can." The Next Web confirmed that Orange, T-Mobile and Vodafone numbers are unaffected by the issue, but GiffGaff and Tesco Mobile (both MVNOs that operate on the same network) are affected. TNW's sources say it's most likely an internal testing setup, while Mr. Peckover suggests it's because the network transparently proxies HTTP traffic, using the number as a UID. Update: We received confirmation from O2, who said that it was "investigating with internal teams and it's our top priority." Slashgear and Think Broadband were unable to replicate the problem, but in our tests (pictured) it was sharing our data with the site. Update 2: Consumer magazine Which? contacted UK privacy watchdog, the Information Commissioner's Office, which offered the following: "Keeping people's personal information secure is a fundamental principle that sits at the heart of the Data Protection Act and the Privacy and Electronic Communications Regulations. When people visit a website via their mobile phone they would not expect their number to be made available to that website. We will now speak to O2 to remind them of their data breach notification obligations, and to better understand what has happened, before we decide how to proceed." We'll let you draw your own conclusions from that one, but it's not shaping up to be a good day for the company (or its users). Update 3: Our tests have stopped working now, as it looks like the network is hurriedly trying to close the hole, but we've had no official word that it's over just yet. Update 4: O2 has issued a full statement and Q&A which we've embedded after the jump. Long story short, it's fixed the issue -- caused by accidental routine maintenance. 3G / WAP users will have shared your number with any site you visited since January 10th. The network has promised it will co-operate fully with the ICO and has reported itself to Ofcom.

  • Report: UK retailer GAME's customer database breached

    by JC Fletcher
    01.16.2012

    A customer database belonging to UK retailer GAME has been breached, as has one belonging to Australian website Catalyst-Gaming, MCV reports. A list of over 2000 customer usernames, email addresses, and hashed passwords has been released. GAME denied that it's been hacked. "The published email addresses are not registered users of GAME.co.uk, and there has been no breach of our database security." That leaves Catalyst-Gaming as a potential source of email addresses. Regardless, if you've used either site recently, a password change wouldn't hurt.

  • MapleStory breached, 13 million accounts exposed

    by Justin Olivetti
    11.26.2011

    The famously hacked Sony has a sympathetic shoulder this week, as Nexon recently discovered a massive breach that's exposed over 13 million MapleStory player accounts to cyber ne'er-do-wells. Discovered this past Thursday, the breach was solely limited to South Korea, as Nexon hosts separate countries on their own servers. This means that any South Korean MapleStory player's information is at risk, including user IDs, names, passwords, and residential registration numbers. This information could potentially be stolen and used for a variety of crimes. While there's been no word whether actual personal information has been stolen, Nexon nevertheless urged these 13+ million subscribers to change their passwords. The company has contacted the police to ask for a formal investigation. This comes at an unfortunate time for the company, as Nexon is poised to present its IPO on the Tokyo Stock Exchange in December.

  • Sony locks 93,000 PSN and SOE accounts due to 'massive' hack attempt

    by Sharif Sakr
    10.12.2011

    Sony's not having a good morning. In addition to having to recall 1.6 million Bravia TVs, it's also been forced to temporarily lock 93,000 customers out of their PSN and Sony Online Entertainment accounts. You won't be surprised by the reason: an attempt by hackers to "test a massive set of sign-in IDs and passwords" against Sony's network database. Some of the affected accounts showed "additional activity prior to being locked" and are being investigated. On the flip-side, Sony's Chief Information Security Officer, Philip Reitinger, stressed that most of the hackers' details resulted in failed logins and in any case credit card details are not at risk. Users are being told to expect an email if they've been affected, which will contain further instructions. Has Sony finally realized the value of timely communication?

  • Second accused AT&T iPad hacker in plea talks

    by Kelly Hodgkins
    07.29.2011

    Last month, Daniel Spitler pleaded guilty to hacking account information from AT&T 3G iPads and faces up to 10 years in prison. His alleged partner in crime, Andrew Auernheimer, is now reportedly negotiating a plea deal as well. Auernheimer's case is currently on hold during these negotiations. Spitler and Auernheimer are responsible for writing an iPad 3G Account Slurper tool that parsed the SIM card numbers of AT&T iPad 3G owners and used them to retrieve email addresses from the carrier's website. The pair and their associated hacking group reportedly grabbed over 100,000 email records and brazenly flaunted their theft before being caught. The theft was particularly stinging as many of those records belonged to government officials and military personnel.

  • Sony exec says PSN hack was 'a great experience,' apparently means it

    by Amar Toor
    07.14.2011

    The following are what most humans would call "great experiences": eating gelato on a hot summer's day, riding a tandem bike with Anthony Hopkins, or, in the case of Sony executive Tim Schaaff, having your life's work nearly destroyed by a band of hackers. Because for Schaaff, president of Sony Network Entertainment, this spring's persistent PSN outage wasn't so much devastating as it was... enlightening. Here's how he described the hack (and ensuing epiphany) to VentureBeat's Dylan Tweney: "I think for people running network businesses, it's not just about improving your security, because I've never talked to a security expert who said, 'As long you do the following three things you'll be fine, because hackers won't get you... the question is how do you build your life so you're able to cope with those things. It's been a great experience." Phenomenal as it must've felt to get in touch with his inner defeatist, Schaaff admitted that he "would not like to do it again" -- probably because his mouth can only house one foot at a time.

  • PlayStation Store, Qriocity returning to Japan this week, completing global PSN restoration

    by Amar Toor
    07.04.2011

    Sony's 'Welcome Back' campaign may have drawn to a close a bit early, but the PlayStation Network won't make its full return to Japan until later this week. As of July 6th, Japanese gamers will once again be able to access the PlayStation Store and Qriocity, bringing an end to a nearly three-month suspension enacted after April's widespread data breach. These services have already been reintroduced across other parts of the globe, but Sony encountered notably stiffer resistance in its homeland, where authorities demanded assurance of the PSN's security before allowing it to relaunch within their borders. The PlayStation Store remained down throughout Sony's negotiations with government officials, but company spokesman Satoshi Fukuoka says those discussions have advanced far enough for full services to resume. The PSN's long-awaited return to Japan will also signal its full global restoration, meaning that Sony may finally be able to put the saga to rest -- and try to forget about that $170 million it lost in the process.