fbpx

Download free GDPR compliance checklist!

Tag Archives for " passwords "

Ticketmaster Pays $10 Million Criminal Fine for Intrusions into Competitor’s Computer Systems

Ticketmaster Used Passwords Unlawfully Retained by a Former Employee of a Competitor to Access Computer Systems in Scheme to “Choke Off” the Victim’s Business.

Ticketmaster agreed to pay a $10 million fine to resolve charges that it repeatedly accessed without authorization the computer systems of a competitor. The fine is part of a deferred prosecution agreement that Ticketmaster has entered with the United States Attorney’s Office for the Eastern District of New York to resolve a five-count criminal information filed today charging computer intrusion and fraud offenses.

Source: Ticketmaster Pays $10 Million Criminal Fine for Intrusions into Competitor’s Computer Systems

Trump Twitter Account Hacker Won’t Be Punished

The Netherlands’ Public Prosecution Service has announced that Victor Gevers, the Dutch hacker who broke into the Twitter account of US President Donald Trump in October this year, will not be punished.

Even though hacking is a criminal offense in the Netherlands, the nation’s Public Prosecution Service (Openbaar Ministerie – OM) made the announcement after an investigation by the High Tech Crime Team, which found that Gevers’ intent was non-malicious and fell under what are considered ‘special circumstances’, aka ‘responsible disclosure’.

Source: Trump Twitter Account Hacker Won’t Be Punished – SecAlerts – Security vulnerabilities in your inbox

Border officer provides device passwords to police

A Canadian border officer who dealt with Meng Wanzhou at Vancouver’s airport in the hours before her arrest said he made an “embarrassing” and “heart-wrenching” mistake, when his handwritten note with the passwords of Meng’s electronic devices ended up in police hands, breaching privacy laws.

Meng’s lawyers say it was part of a covert plot by the Canada Border Services Agency (CBSA) and the Royal Canadian Mounted Police (RCMP), to gather evidence for the American FBI.

Source: Canada border officer says giving police Meng Wanzhou’s device passwords was ‘embarrassing, heart-wrenching’ blunder

23,600 hacked databases have leaked from a defunct ‘data breach index’ site

Site archive of Cit0day.in has now leaked on two hacking forums after the service shut down in September.

Cit0day operated by collecting hacked databases and then providing access to usernames, emails, addresses, and even cleartext passwords to other hackers for a daily or monthly fee.

In total, 23,618 hacked databases were provided for download via the MEGA file-hosting portal. The link was live only for a few hours before being taken down following an abuse report. Dataset is estimated at around 50GB and 13 billion user records.

Source: 23,600 hacked databases have leaked from a defunct ‘data breach index’ site | ZDNet

26 million LiveJournal credentials leaked online, sold on the dark web

LiveJournal credentials were obtained in a 2014 hack, but leaked online earlier this month.

According to Have I Been Pwned (HIBP), the data contained the usernames, emails, and plaintext passwords of 26,372,781 LiveJournal users. LiveJournal users can visit the HIBP portal and check if their credentials have been included in the data trove stolen by hackers back in 2014. Even if the LiveJournal database is old, has circulated in private, and has been abused for years, this doesn’t mean users should slack on their personal security.

Source: 26 million LiveJournal credentials leaked online, sold on the dark web | ZDNet

Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents

A leading UK software company exposed personal information and legal documents belonging to over 190 law firms through a data leak from an unsecured online database.

The information exposed by the data breach included details belonging to the staff of the law firms. The information uncovered in the data leak could be deemed sensitive or special and included details such as hashed passwords, legal documents, passport numbers, mother’s maiden name, and eye colors. The law firms affected had both their “primary” and “form” data leaked.

Source: Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents – CPO Magazine

UK looks to replace passwords with biometric technology to reduce NHS login time

The U.K. government is investing £40 million (USD$52 million) in multi-factor authentication technology to upgrade NHS staff computer login system and reduce employee login time, which has reportedly brought great stress and dissatisfaction among staff members.

The system will focus on a partnership with IT system suppliers to replace password logins with biometric multi-factor logins such as fingerprint access, making sure trusts comply and update processes so that staff is granted the access permission needed, and merging local with national system so healthcare facilitators can access all clinical and workforce systems. The upgrade will not only save time logging into different IT systems, but it will also boost infrastructure security.

Source: UK looks to replace passwords with biometric technology to reduce NHS login time | Biometric Update

Study finds consumers would choose biometric authentication over passwords

Passwords are a double-edged sword: they are meant to protect information, but they are also frustrating with so many to remember and manage.

A recent Visa survey showed that 68% of U.S. shoppers have abandoned an online purchase due to forgetting a password, trouble logging in, or issues receiving a one-time passcode.

According to Visa, more than half of credit cardholders who responded to the survey (53%) say they would switch banks if their current doesn’t offer biometric authentication options.

Source: #Privacy: Study finds consumers would choose biometric authentication over passwords

170m passwords stolen in Zynga hack, monitor says

Words With Friends company admitted hack in September but size only now revealed.

More than 170m usernames and passwords were stolen from the company behind Words With Friends in a hack this year. The information accessed by the hacker included email addresses, usernames and passwords stored in securely. The dump also included some Facebook IDs and phone numbers for users who had provided that information to the company.

Source: 170m passwords stolen in Zynga hack, monitor says | Games | The Guardian

Over 21 million stolen login credentials found on the dark web

Stolen login credentials from Fortune 500 companies have been found in numerous places on the dark web, many of which are available in plaintext form.

Amid the 21 million records exposed, it is noted that only 4.9 million of them were fully unique passwords, suggesting that many users have identical or similar passwords. 16 million of them being compromised during the last 12 months.

Source: State of Stolen Credentials in the Dark Web from Fortune 500 Companies | ImmuniWeb Security Blog

1 2 3 5
>