Page 1 of 2 12 LastLast
Results 1 to 10 of 20

Thread: Security breach/compromise - 2012

  1. #1
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Security breach/compromise - 2012

    FYI...

    Global Payments breach - 1.5M exposed ...
    - https://krebsonsecurity.com/2012/04/...ards-exported/
    April 2, 2012 - "Global Payments, the credit and debit card processor that disclosed a breach of its systems late Friday, said in a statement Sunday that the incident involved at least 1.5 million accounts. The news comes hours ahead of a planned conference call with investors, and after Visa said it had pulled its seal of approval for the company... In a press release issued 9:30 p.m. ET Sunday, Atlanta based Global Payments Inc. said it believes “the affected portion of its processing system is confined to North America and less than 1,500,000 card numbers may have been exported. Based on the forensic analysis to date, network monitoring and additional security measures, the company believes that this incident is contained”. It remains unclear whether there are additional accounts beyond these 1.5 million that were exposed by the breach; the company’s statement seems to be focusing on the number of cards it can confirm that thieves offloaded from its systems..."

    Breach anatomy graphic
    - https://krebsonsecurity.com/wp-conte...my-600x430.png

    - http://h-online.com/-1498448
    2 April 2012

    - http://www.reuters.com/article/2012/...83102P20120402
    Apr 1, 2012 - "Visa Inc. has dropped payment processor Global Payments Inc. from its list of approved service providers after a major cyber intrusion that could expose Visa, MasterCard, American Express and Discover card holders to fraud. Global Payments said it believes less than 1.5 million credit card numbers were stolen in the cyber security breach..."

    - http://www.databreaches.net/?p=23827
    March 30, 2012
    ___

    - http://corporate.visa.com/media-center/index.shtml
    Mar 30, 2012 - "Visa Inc. is aware of an announcement from Global Payments Inc. that it experienced unauthorized access into a portion of its processing system... Visa encourages cardholders to regularly monitor their accounts and to notify their issuing financial institution promptly of any unusual activity..."
    - http://www.visasecuritysense.com/en_US/index.jsp

    - http://newsroom.mastercard.com/2012/...personal-data/
    March 30, 2012 - "... MasterCard and financial institutions do not proactively solicit personal or payment card information from customers... be wary of unsolicited requests by anyone claiming to represent one of these entities..."

    Last edited by AplusWebMaster; 2012-04-03 at 15:17.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #2
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Question Breach window at Global Payments expands

    FYI...

    Breach window at Global Payments expands
    - https://krebsonsecurity.com/2012/05/...indow-expands/
    May 1, 2012 - "A hacker break-in at credit and debit card processor Global Payments Inc. dates back to at least early June 2011, Visa and MasterCard warned in updated alerts sent to card-issuing banks in the past week. The disclosures offer the first additional details about the length of the breach since Global Payments acknowledged the incident on March 30, 2012... Visa and MasterCard have issued at least seven updates, warning of additional compromised cards and pushing the window of vulnerability at Global Payments back further each time. Initially, MasterCard and Visa warned that hackers may have had access to card numbers handled by the processor between Jan. 21, 2012 and Feb. 25, 2012. Subsequent alerts sent to banks have pushed that exposure window back to January, December, and then August. In an alert sent in the last few days, the card associations warned issuers of even more compromised cards, saying the breach extended back at least eight months, to June 2011... so far, Global Payments has offered few details about the incident beyond repeating that less than 1.5 million card numbers may have been stolen from its systems... Global Payments spokeswoman Amy Korn declined to comment for this story, but said the company would be releasing additional information about the incident in a statement on its Web site, http://www.2012infosecurityupdate.com/ , later this evening*."
    * http://www.2012infosecurityupdate.com/
    "... Based on our announcement of unauthorized activity in a limited segment of our North American processing system, some card brands removed us from their list of PCI compliant service providers. They have requested we revalidate our PCI status, which we will do following the current investigation. We anticipate that we will be re-instated to those lists at the conclusion of the re-validation and any required remediation... We have not publicly communicated any time periods and there is a full investigation underway. It would be premature and inappropriate for us to speak to or confirm any timeframes until the investigation is complete. We identified and self-reported this incident in early March, and we will continue to provide information to the appropriate parties as revealed by the investigation."
    ... As of May 1, 2012

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #3
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Debit card accounts stolen - Global Payments breach ...

    FYI...

    Debit card accounts stolen - Global Payments breach ...
    - https://krebsonsecurity.com/2012/05/...id-card-fraud/
    May 14, 2012 - "Debit card accounts stolen in a recent hacker break-in at card processor Global Payments have been showing up in fraud incidents at retailers in Las Vegas and elsewhere, according to officials from one bank impacted by the fraud. At the beginning of March 2012, Danbury, Conn. based Union Savings Bank began seeing an unusual pattern of fraud on a dozen or so debit cards it had issued, noting that most of the cards had recently been used in the same cafe at a nearby private school. When the bank determined that the school was a customer of Global Payments, it contacted Visa to alert the card association of a possible breach at the Atlanta-based processor, according to Doug Fuller, Union Savings Bank’s chief risk officer. That’s when USB heard from Tony Higgins, then a fraud investigator at Vons, a grocery chain in Southern California and Nevada owned by Safeway Inc. According to Fuller, Higgins said the fraudsters were coming to the stores to buy low-denomination Safeway branded prepaid cards, and then encoding debit card accounts issued by USB onto the magnetic stripe on the backs of the prepaid cards. The thieves then used those cards to purchase additional prepaid cards with much higher values, which were then used to buy electronics and other high-priced goods from other retailers... The experience of Union Savings Bank illustrates how fraudsters can extract value from debit cards even if they only have -some- of the data associated with the accounts. Initial alerts about the breach from Visa and MasterCard stated that the breach at Global Payments compromised -both- Track 1 and Track 2 data from affected card accounts, meaning thieves could produce counterfeit versions of the cards and possibly commit other acts of identity theft against cardholders. Global Payments claims that only Track 2 data was taken, and that cardholder names, addresses and other data were were not obtained by the criminals. Yet, as USB’s story shows, the data on Track 2 alone was enough for the crooks to encode the card number and expiration date onto any cards equipped with a magnetic stripe. The cards could then be used at any merchant that accepts signature debit — transactions that do not require the cardholder to enter his or her PIN... USB’s experience also raises fresh questions about the timing of the breach discovery. Global Payments says it self-discovered and self-reported the breach on March 8, but Fuller said his bank figured out Global Payments was having an issue and reported the fraud before that..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #4
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Unhappy WHMCS breach ...

    FYI...

    WHMCS breach ...
    - https://krebsonsecurity.com/2012/05/...f-the-trouble/
    May 24, 2012 - "A recent breach at billing and support software provider WHMCS that exposed a half million customer usernames, passwords — and in some cases credit cards — may turn out to be the least of the company’s worries.. for the past four months hackers have been selling an exclusive zero-day flaw that they claim lets intruders break into Web hosting firms that rely on the software... Following an extended period of downtime on Monday, the privately-owned British software firm disclosed that hackers had broken in and stolen 1.7 gigabytes worth of customer data, and deleted a backlog of orders, tickets and other files from the firm’s server... WHMCS’s user forums have been and remain under a constant denial-of-service attack, and the company is urging customers to change their passwords... Many users seem to be worried that the data stolen the now-public breach may include WHMCS direct customer data, as well as the location of the installed software and credit card data, and passwords for WHMCS installs that were done by them or supplied during troubleshooting..."
    ___

    - http://www.databreaches.net/?p=24284
    May 22, 2012

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #5
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation LinkedIn passwords leaked ...

    FYI...

    LinkedIn Blog:
    - http://blog.linkedin.com/2012/06/06/...s-compromised/
    June 6, 2012 - "... update on this morning’s reports of stolen passwords.
    We can confirm that some of the passwords that were compromised correspond to LinkedIn accounts. We are continuing to investigate this situation and here is what we are pursuing as far as next steps for the compromised accounts:
    1. Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid.
    2. These members will also receive an email from LinkedIn with instructions on how to reset their passwords. There will not be any links in these emails. For security reasons, you should -never- change your password on any website by following a link in an email.
    3. These affected members will receive a second email from our Customer Support team providing a bit more context on this situation and why they are being asked to change their passwords.
    It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases..."

    LinkedIn passwords leaked ...
    - http://nakedsecurity.sophos.com/2012...ke-action-now/
    June 6, 2012 - "Although not yet confirmed by the business-networking website, it is being widely speculated that over six million passwords belonging to LinkedIn users have been compromised. A file containing 6,458,020 SHA-1 unsalted password hashes has been posted on the internet, and hackers are working together to crack them. Although the data which has been released so far does not include associated email addresses, it is reasonable to assume that such information may be in the hands of the criminals. Investigations by Sophos researchers have confirmed that the file does contain, at least in part, LinkedIn passwords. As such, it would seem sensible to suggest to all LinkedIn users that they change their passwords as soon as possible as a precautionary step..."

    - http://www.reuters.com/article/2012/...8H68FJ20120606
    Jun 6, 2012

    - https://krebsonsecurity.com/2012/06/...your-password/
    June 6, 2012
    > http://krebsonsecurity.com/password-dos-and-donts

    Last edited by AplusWebMaster; 2012-06-06 at 23:56.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #6
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down eHarmony data-breach

    FYI...

    eHarmony dating site data-breach
    - http://www.theregister.co.uk/2012/06...password_dump/
    7 June 2012 - "Along with the LinkedIn password dump, dating site eHarmony has confirmed that some of its users’ passwords have also been published online, possibly by the same attacker as that obtained the LinkedIn data... It says all affected user passwords have been reset, along with providing the usual advice of creating strong passwords, using a different password for every site, and changing passwords every few months*. The LA Times says that the eHarmony list contained only passwords..."

    * http://advice.eharmony.com/blog/2012...sed-passwords/
    June 6, 2012

    > http://www.reuters.com/article/2012/...85511820120607
    Jun 7, 2012

    eHarmony admits to leaking 1.5 million passwords
    - http://h-online.com/-1612654
    7 June 2012

    Last edited by AplusWebMaster; 2012-06-07 at 18:42.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #7
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Last.fm pwds - millions leaked ...

    FYI...

    Top 15 Worst Data Breach Incidents of 2012 ...
    - http://www.csoonline.com/slideshow/d...-So-Far#slide1
    June 18, 2012

    6 Biggest Breaches Of 2012 So Far
    - http://www.darkreading.com/taxonomy/...e/id/240002408
    Jun 20, 2012
    1. Zappos - Time Of Disclosure: January 2012 - Records Breached: 24 million records, including names, email addresses, phone numbers, last four digits of credit card numbers, and encrypted passwords...
    2. UNC - Time Of Disclosure: February 2012 - Records Breached: 350,000 records...
    3. Global Payment Systems - Time Of Disclosure: March 2012 - Records Breached: 7 million consumer records, including 1.5 million credit cards...
    4. South Carolina Health and Human Services - Time Of Disclosure: April 2012 - Records Breached: 228,435 records...
    5. University of Nebraska - Time Of Disclosure: May 2012 - Records Breached: 654,000 student records...
    6. LinkedIn - Time Of Disclosure: June 2012 - Records Breached: 6.5 million user passwords...
    ___

    Last.fm - change your password...
    - http://arstechnica.com/security/2012...eir-passwords/
    Jun 7, 2012 - "Social music site Last.fm announced an investigation into a user password leak this morning*... Last.fm is asking users to change their passwords immediately. Last.fm users can switch their passwords by logging in and accessing the "Settings" page, or by reporting their password as lost**. In the site's announcement, Last.fm re-emphasized these are the -only- means for password changes: 'We will never e-mail you a direct link to update your settings or ask for your password'..."

    Millions of Last.fm passwords leaked
    - http://h-online.com/-1613641
    8 June 2012

    * http://www.last.fm/passwordsecurity

    ** https://www.last.fm/settings/lostpassword
    ___

    eHarmony - Vague post leaves unanswered questions
    - http://arstechnica.com/security/2012...ds-compromise/
    Jun 7, 2012

    10 (or so) of the worst passwords exposed by the LinkedIn hack
    - http://arstechnica.com/security/2012...linkedin-hack/
    Jun 6, 2012

    Last edited by AplusWebMaster; 2012-07-13 at 18:57.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #8
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Yahoo! - 453,492 pwd's and email addresses hacked and exposed...

    FYI...

    Yahoo! - 453,492 pwd's and email addresses hacked and exposed...
    >> https://www.computerworld.com/s/arti...angry_and_easy
    July 12, 2012 - "... a list of 453,492 email addresses and passwords in plain text... found them by hacking into a database associated with an unnamed Yahoo service. The passwords weren't all for Yahoo services; they also come from domain names including gmail.com, hotmail.com and aol.com..."
    - http://www.reuters.com/article/2012/...86B0HT20120713

    - http://h-online.com/-1637505
    12 July 2012

    Yahoo! confirms data breach
    - http://h-online.com/-1640148
    13 July 2012
    ___

    Over 1 million user credentials compromised in Android Forums hack
    - http://h-online.com/-1640164
    13 July 2012

    NVIDIA Forums suspended after hack
    - http://h-online.com/-1640918
    13 July 2012

    Password Leaks Continue: Billabong, NVIDIA...
    - https://threatpost.com/en_us/blogs/p...romised-071312
    July 13, 2012 - "... The attacks, which some have suggested are driven by a demand for e-mail addresses used to supply spam runs and targeted phishing attacks... especially when that password information is stored in cleartext..."

    Thousands of GMX accounts compromised to send SPAM
    - http://h-online.com/-1638088
    13 July 2012

    Last edited by AplusWebMaster; 2012-07-16 at 00:31.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #9
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down 11 million passwords leaked from Gamigo ...

    FYI...

    11 million passwords leaked from Gamigo ...
    - http://h-online.com/-1651198
    24 July 2012 - "A file with 11 million password hashes belonging to users of the online games platform Gamigo has been circulated on the internet. According to an analysis by ZDNet, 8.2 million different email addresses are also part of the 478MB file. Around 3 million of these belong to users from the US, 2.4 million are German addresses and 1.3 million are supposed to originate in France. The list also includes corporate email addresses from companies such as IBM, Siemens, Deutsche Bank and the German insurance company Allianz. The file appeared in the same forum which had previously circulated millions of password hashes from Linkedin, Last.fm, eHarmony and other web sites... Gamigo, which is a subsidiary of the German Axel Springer publishing group, has confirmed to The H's associates at heise Security that the data contained in the file is authentic. The company has stated that it noticed a "security-related incident" in March 2012 in which an older version of a database was copied off its servers. Gamigo says it immediately contacted the affected members and reset the passwords to their accounts. The company also says it took the affected database offline and initiated "a comprehensive security audit". Now that the data has been leaked, the company wants to look at the incident again. Users who are registered with Gamigo and have used the same password at other web sites should immediately change their logins..."

    Password leak at meetOne - 900,000 members ...
    - http://h-online.com/-1652783
    26 July 2012 - "A data leak at the meetOne dating site allowed anyone to access private data including the plaintext passwords, email addresses and real names of the site's approximately 900,000 members..."

    Last edited by AplusWebMaster; 2012-07-26 at 19:31.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #10
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down 8.7 million hacked mobile customers in S.Korea

    FYI...

    8.7 million hacked mobile customers in S.Korea
    - http://news.yahoo.com/8-7-million-mo...062535102.html
    July 29, 2012 - "South Korean police have arrested two hackers who stole personal data of 8.7 million customers of the nation's second-biggest mobile operator, the company said. KT said the hackers - formally arrested on Sunday - had stolen data such as customers' names, phone numbers and residential registration numbers for five months since February and sold the information to telemarketing firms... Hacking attacks on major companies aimed to gain access to the personal data of their customers is a frequent occurence in South Korea, one of the world's most-wired nations. Seoul authorities said in July last year hackers using an Internet address registered in China had gained access to South Korean major websites including web portal Nate .com and may have stolen the private data of 35 million users. In November 2011, Seoul's top games developer Nexon saw personal information of 13 million users of its popular online game MapleStory stolen by hackers. In March 2010, authorities launched a probe into the security systems of major retailer Shinsegae and 24 other companies after private data on 20 million customers was leaked."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •