Research Reveals Cost of Online Fraud to UK

This week has been Get Safe Online Week and to coincide with the event, the National Fraud Intelligence Bureau researched cyber-crime in the UK. The research found that over the last year, the ten biggest online scams cost victims over £670m – although the actual figure is thought to be significantly higher than that due to unreported crimes. A separate poll found that while over half of Britons have been…

Kmart hit by card hack attack

It’s been revealed that a data breach at US retail chain Kmart that compromised card details lasted over a month. The discount department store said that the malware was discovered last week but had been operating since early September. Based on its investigation so far, the company said that it believes credit and debit cards were exposed but that no personal information, PIN numbers, email addresses or social security numbers…

AT&T Insider Data Breach | Customer Data Breach

AT&T has become the latest multinational company to suffer a data breach after one of its own employees gained access to customer data. The US mobile telecoms giant has started informing around 1,600 customers in Vermont that their personal data was breached in August. In a letter posted on the Vermont government’s website, AT&T confirmed that a former employee had broken the company’s privacy policy and obtained customer data, including…

Gmail Flaw Highlights Mobile App Risks

Researchers at the University of California’s College of Engineering and the University of Michigan have identified a weakness in Gmail’s mobile application that could allow malicious third party apps to obtain personal information from users’ email accounts. Researchers found that 92 percent of Gmail accounts, and around 82 per cent of the several apps they tested, can be cracked using the memory interrogation technique. While this is an alarmingly high…

Paddy Power Notifies Customers of Data Breach… Four Years Late

Irish bookmaker Paddy Power has admitted that personal details of more than 600,000 customers were stolen in a cyber-attack that occurred in 2010. The company revealed that it was aware of an attack on its system four years ago but failed to inform customers of the security breach. Data including names, usernames, postal addresses, email addresses, phone numbers, dates of birth as well as security questions and answers were stolen,…

600,000 Customers Data Sliced from Domino’s Pizza

You may have seen this week’s news that 600,000 customer records were stolen from pizza chain Domino’s, yet again raising questions about just how seriously large corporations and big brands are taking data protection. It is the second time in less than a month that we have seen customers’ personal details compromised after the records of 145 million people were affected by a breach of eBay’s networks. For a period…

eBay & Apple Security Breach | IT Security Vulnerabilities

eBay & Apple Security Breach The former Prime Minister, Harold Wilson, once observed that a week is a long time in politics.  The same is also true in IT security.  A week ago, eBay was a trusted brand with a good security reputation:  after all, it had survived the Heartbleed vulnerability scare that affected so many other globally-popular websites.  Now this reputation has been shattered after it revealed that it…

Yet Another HeartBleed.

This Heartbleed Information Disclosure Vulnerability has pretty much been covered all over the internet today (8th April 2014).  As a one-page-stop summary, please read below: An online site exists to check vulnerabilities: http://filippo.io/Heartbleed/ Source Code available at: https://github.com/FiloSottile/Heartbleed A python script (thats much better): http://s3.jspenguin.org/ssltest.py A second version of above code with STARTTLS Support: https://gist.github.com/takeshixx/10107280 A good breakout of why the bug exists is here: http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html Watching twitter has been entertaining, login.yahoo.com has been leaking user…

The data breach earthquake

The aftershocks of a data breach can be catastrophic to a business, whether it’s the loss of sensitive information such as customer records, or the business’ intellectual property finding its way into the wrong hands.  What is certain, is it will have a detrimental impact to the bottom line in one way or another. The actual cost is often difficult to quantify. Especially when it comes to intellectual property as…

The diverse nature of data breaches

There have been two data breaches to note in the news in the last week or so that show the diverse nature of the causes of leaks, and the risks they pose to businesses and their customers.  The perception is that data breaches are targeted malicious attacks by criminal gangs, but this isn’t always necessarily the case. First to hit the headlines was Tesco’s Club Card data leak. This wasn’t…