Timehop Hack Compromises 21 Million Users In a bit of good news/bad news, the social media time capsule site Timehop said that it was hacked around July 4th, but that they interrupted the hack in progress. Still the hackers got usernames, passwords, email addresses, date of birth, gender, some phone numbers and other information for […]
Continue reading → [DISPLAY_ACURAX_ICONS]NSA Deleting All Call Detail Records (CDRs) Acquired Since 2015 While the NSA is not providing a lot of details about what went wrong, the NSA is saying that it is deleting all CDRs acquired since 2015 because of technical irregularities that resulted in it receiving data that, likely, would be illegal under the current […]
Continue reading → [DISPLAY_ACURAX_ICONS]The Supremes Say Warrant Required For Cell Data In a 5-4 decision last week, the Supremes said that the police should have gotten a search warrant before they asked for months worth of location data of a suspect. The suspect in a robbery case was tracked by the police – over 12,000 locations, over 127 […]
Continue reading → [DISPLAY_ACURAX_ICONS]Latest Cost Estimates For Equifax Breach is $439 Million According to recent (March) tax filings, costs related to their breach are now $439 million, making the Equifax breach the costliest in US history. Assuming insurance does pay, it would cover, at most, $125 million, leaving Equifax to write a check for $300 million plus. Given […]
Continue reading → [DISPLAY_ACURAX_ICONS]Details Emerge on TicketFly Hack More details are coming out about the TicketFly attack. First thing is that the web site was based on WordPress. While WordPress is a very popular site for individuals and small businesses; using it for something as complex as a concert ticketing site is likely a mistake. Hackers were able […]
Continue reading → [DISPLAY_ACURAX_ICONS]One Vendor, Two Unprotected Servers Equal Disaster Agilisium, a cloud storage vendor to Universal Music Group, exposed UMG’s internal FTP credentials, AWS Secret Keys and Passwords and the internal and SQL root password to the open internet – all via two instances of the Apache Airflow server with no password. Your Vendor Cyber Risk Management Program […]
Continue reading → [DISPLAY_ACURAX_ICONS]