security breach
Latest
News Corp admits hackers had access to its systems for two years
The threat actors who infiltrated News Corp., the company that owns The Wall Street Journal and other news outlets, apparently had access to its network for two full years.
Fast Company returns after attack that saw obscene Apple News alerts pushed to readers
The business-focused publication is back after being offline for eight days.
LastPass was hacked, but it says no user data was compromised
The bad actor had internal access to LastPass for four days.
US federal court system attacked by 'hostile foreign actors' in 2020 security breach
The US Department of Justice is currently investigating the issue.
Robinhood security breach compromised data of 7 million users
Robinhood has revealed that it experienced a security breach incident on November 3rd, which exposed the data of as many as 7 million users.
Hackers stole driver's license numbers from Geico's website
Geico has filed a data breach notice with the California attorney general’s office, admitting that fraudsters had stolen customers' driver's license numbers from its website.
Hackers briefly swap out a page on the Trump campaign site
Someone 'seized' a page on DonaldJTrump.com and threated to release classified info.
DoorDash security breach affects nearly 5 million users
DoorDash announced today that it suffered a security breach that affected 4.9 million users. According to the company, on May 4th, 2019, an unauthorized third-party gained access to information belonging to DoorDash users including consumers, delivery drivers and merchants who joined the platfrom on or before April 5th, 2018. The information accessed included names, email addresses, physical addresses used for deliveries, order histories, phone numbers and passwords, which were encrypted using hashing and salting techniques. The company is advising users to reset their passwords, though it is not believed that any passwords have been compromised.
Bulgarian tax agency breach may have compromised 5 million people
Bulgaria's government is dealing with a massive security breach that might have affected almost all adult residents' information. According to Reuters, the country's finance minister has confirmed that hackers infiltrated the National Revenue Agency's (NRA) network at the end of June, and one of the tax agency's officials said the attack likely originated from outside the country. A person claiming to be a Russian hacker told the Bulgarian media that their group was responsible for the attack in an email sent via a Russian address.
FBI-related breach reportedly compromised federal agents' details
A group of hackers has exploited the flaws of at least three FBI-affiliated websites and leaked thousands of federal and law enforcement agents' personal details. According to TechCrunch, the group infiltrated websites run by the FBI National Academy Association. It's a nonprofit dedicated to promoting law enforcement training and has multiple chapters across the country, each with their own page. The hackers told the publication that they were able to break into the pages and download the contents, which they then uploaded on their own website.
Farewell, Google+: You didn't fail, you just didn't succeed
It's the end of Google+. Eight years after its launch, Google is finally pulling the plug on its social network. It was a platform designed to take on Facebook but, despite the company's best efforts, it always existed in its shadow. As of today, there will be no more Google+ sign-in buttons, no more pages or comments, and your account will simply vanish.
Personal information compromised on Raptr
Good news, Raptr users! Your personal information has been compromised! Wait, did that read "good news"? It's bad. It's pretty bad. Yes, in yet another hack of personal information of online services Raptr wound up being hacked, resulting in a stolen names, hashed passwords, and email addresses. Founder and CEO Dennis Fong noted that the two-factor authentication used for Raptr Rewards was not compromised, so users will be unlikely to see anything lost from their reward points. Fong appears confident that the risk for users is fairly minimal, but as with any security breach he advises users to change passwords and check accounts for anything using the same username, email, and/or password. Standard operating procedure, really. No word has been released on how many accounts may have been compromised, but to be on the safe side you should change your logins and such across the board if you're a Raptr user.
Trion Worlds denies ArcheAge server security breach, recommends new passwords
Over the weekend, the ArcheAge beta forums erupted with claims that testers' credit cards were being charged for unauthorized purchases of founders packs. Trion has today responded with a forum post that denies a widespread server security breach. Community Manager Scapes writes, Let us start by saying this very clearly: Trion Worlds' security has not been compromised in any way. There has been absolutely no breach in Trion's servers. What happened in the last few hours is sadly nothing new: Every day, bots obtain user credentials from various unprotected sites around the Internet, build lists of login and passwords, and try them on Trion's servers (along with many other sites). If players consistently use simple or repeated passwords across different online services, these bots may get access to their accounts. Because of the current momentum around ArcheAge, hundreds of millions of such attempts were made from well over a million different IP addresses in the last few weeks, only a fraction of which ended up being successful today. Trion says that it has begun issuing refunds to affected users and is (by coincidence) buffing its Glyph launcher with new device-specific security features. The studio recommends strengthening all game passwords. [With thanks to tipster Boinya.]
Security breach may be reason for Gatekeeper app signing changes (Updated)
A discussion has been brewing on Twitter today regarding the recent app signing changes that could leave some apps blocked by Gatekeeper if developers don't re-sign the apps. Apple had let developers know that "With the release of OS X Mavericks 10.9.5, the way that OS X recognizes signed apps will change." According to Twitter user @SomebodySW, the change may actually be a response to a security breach in the Developer Portal, not just a change in the method of recognizing signed apps. Update 11:54 AM 08/19/2014: TUAW received separate confirmation of the breach from a second source via IRC, stating that Apple's certificates may have been compromised and that the company's changes to Gatekeeper are in part intended to mitigate the risks of those breaches. We have still not received any confirmation or denial of the Dev Portal breaches from Apple. @marczak @cabel @danielpunkass @mikeash The keys used for Gatekeeper* were stolen in that Developer Portal breach a while back. Consider thi - Somebody Somewhere (@SomebodySW) August 18, 2014 @marczak @cabel @danielpunkass @mikeash s your heads up. *and many other keys for many other things - Somebody Somewhere (@SomebodySW) August 18, 2014 How plausible is a security breach that resulted in the theft of not only Gatekeeper's keys but "many other keys for many other things"? Plausible enough that we reached out to Apple for confirmation. At this point, no response has been received. Ben Doernberg, a security and bitcoin expert, has also pinged Apple, saying in a recent tweet that: Just talked with Ryan James at Apple, says he'll look look into if device signing keys were stolen last year, no confirm or deny @SomebodySW - Ben Doernberg (@BenDoernberg) August 18, 2014 According to @SomebodySW, "Other keys were stolen too: The Enterprise Signing Key, a key that could be used (and was) used to sign Activation Tickets (bypassing iCloud locks) and several developer ID related keys also some keys iPhone 4/4s/5 hardware 'knows', used to authenticate the OS installed as being from Apple/unmodified". @SomebodySW notes that he received an offer to buy the device signing keys from the person who performed the breach of the Apple Dev Portal shortly after the theft occurred. While this still isn't definitive proof that the Gatekeeper and other security keys were stolen, TUAW received separate confirmation from a second source. We'll keep on top of this story and let you know how it develops.
Kickstarter hacked, customer information accessed
If you've logged in to use Kickstarter, perhaps to support an up-and-coming MMO, then pay attention: earlier today, the site reported to users that it was hacked this past week and customer data was accessed. In a security notice posted on the site, Kickstarter said that it was notified by authorities this past Wednesday that hackers gained access to the site. The company has since closed the breach, bolstered its security, and notified customers to change their passwords. Credit card information was not part of the accessed information, but user names, email addresses, and encrypted passwords were. "We have since improved our security procedures and systems in numerous ways, and we will continue to do so in the weeks and months to come," the company posted.
Vodafone hacker accesses banking data of two million customers in Germany
Vodafone has confirmed that hackers have accessed its servers in Germany, gaining access to personal information and bank details of approximately two million customers. The operator says the breach was a "highly sophisticated and illegal intrusion" that it believes was masterminded by an insider -- and indeed a suspect has already been identified and handed over to police. It's not often you hear about a successful raid on a mobile operator, which is why Vodafone believes it could only have been conducted by someone with an "inside knowledge of [its] most secure internal systems." Vodafone customers outside of Germany aren't affected, and those inside the country should already have been contacted. The company says credit card information, mobile phone numbers, passwords and PIN numbers were not accessed in the attack, although Vodafone is warning customers to be especially vigilant about potential phishing attacks in the future.
League of Legends compromised; North American accounts and transactions accessed
Riot Games has just issued a letter to League of Legends players revealing that North American account information has been compromised by hackers. According to the message, usernames, email addresses, "salted password hashes," and real names were accessed. Riot insists that password information is unreadable but that players with easy-to-guess passwords might be at risk. Also accessed were hashed and salted credit card numbers from around 120,000 transactions made in 2011. Riot noted that the payment system in question has not been used since July of 2011 and that it is "taking appropriate action to notify and safeguard affected players." If your information was affected, you will receive an email from Riot. All North American players will be required to change their passwords "to stronger ones that are much harder to guess." In the meantime, keep an eye on your accounts for any suspicious activity.
'Possible' loss of user information in Crytek security breach
Crytek took down four of its websites due to "suspicious activity" over the weekend. According to a statement from Crytek, the security breach "may have resulted in some users' login data being compromised." "Although it is uncertain whether the incident led to the copying and decryption of email addresses and passwords, it is possible that users with accounts at these websites have had personal data copied," Crytek said. "On Friday afternoon we started to contact all affected users via email and informed them of the potential security breach." The four sites in question, crytek.com, mycryengine.com, crydev.net and mycrysis.com are still offline. Crytek said that "final details of when our sites will be back online will be communicated as soon as possible." Additionally, "no payment information from users was stored at all" on the sites in question.
DayZ studio hacked, encrypted passwords downloaded
DayZ developer Bohemia Interactive was struck by hackers today, resulting in the illegal download of player usernames, emails addresses, and passwords. Bohemia posted a letter stating that while the passwords were stolen, their encryption should protect players from the hackers using them. Even so, Bohemia has reset all of the passwords in its database, requiring players to register for a new password in order to access the studio's website and forums. The good news is that credit card info is safe. "We would like to reassure everyone that no other information such as credit card details is stored by us and thus was not at any risk from this illegal breach," Bohemia stated.
Facebook security bug exposed 6 million users' personal information (update)
Today, Facebook announced a security bug that compromised the personal account information of six million users. In a post on the Facebook Security page, the site's White Hat team explained that some of the information the site uses to deliver friend recommendations was "inadvertently stored with people's contact information as part of their account on Facebook." When users downloaded an archive of their account via the DYI (download your information) tool, some were apparently given access to additional contact info for friends and even friends of friends. The post continues: We've concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included and only people on Facebook – not developers or advertisers – have access to the DYI tool. Facebook says it's temporarily disabled the DYI tool to fix the breach. We've reached out to the site for further comment; for now, read the official statement via the source link below. Update: Facebook has responded to our inquiries and stated that while the bug was discovered earlier this month, "it had been live since last year." They immediately disabled the tool, fixed the bug and reenabled it within 24 hours of the bug's discovery. The bug was reported to them through a White Hat program for external security researchers.
