In a Senate report, Equifax is accused of neglecting its own cybersecurity policies which ultimately led to the 2017 data breach that exposed personally identifiable information (PII) of 145 million Americans . The company's key Senior Managers didn't attend cybersecurity meetings and an audit...
Jonathan Schisler thought his Amazon Alexa or kids had changed the temperature to 90 degrees on his Nest thermostat. But while scrolling through the device to clear a message about changing the air filter, he noticed that the email address on the device wasn't his wife's. Even his phone app was...
Huddle House has been affected by a data breach in its point of sale system. A third party point of sale (POS) vendor's data system was compromised and hackers used the vendor's tools to gain remote access--and the ability to deploy malware--onto the POS systems at numerous Huddle House...
Google has announced a new extension for Google Chrome called Password Checkup that will monitor the passwords that you type into websites to see if they have been compromised in a third-party data breach. Google says it has access to over 4 billion credentials that have been compromised and...
Troy Hunt is a Microsoft Regional Director and is the owner and creator of Have I Been Owned (HIBP). Today he alerted the security community to a massive 87GB data breach that the hacker community calls "Collection #1." It contains 773 million unique email addresses, 1.1 billion unique...
Marriott International has provided an update to the "Starwood" data breach that was initially thought to have affected 500 million of its customers. After "working closely with its internal and external forensics and analytics investigation team" Marriott was able to determine that the number...
china
credit card
databreachdatabase
decrypt
encrypted data
forensics
hacker
intrusion
marriott
marriott international
master encryption key
network
plain text
security
starwood
technology
unencrypted data
NASA has sent out a memo to inform employees of a possible data breach that may have exposed the Social Security numbers and other personally identifiable information (PII) to hackers. The space agency does not believe that Agency mission data was affected by the cyber incidents. Agency...
Cathay Pacific Airways has announced that a 'data security event' occurred (hack) in March and 9.4 million people are affected. The airline says that there is no evidence that personal information has been misused and reassured passengers that the flight operations are on a separate system...
Uber has reached a $148 million settlement with state attorneys general in all 50 states with varying amounts being distributed to each state. The legal matter that was settled was in reference to the 2016 data breach in which Uber failed to notify the 57 million customers affected by it for...
The Adware Doctor app occupied the front page of the Apple App Store as the #4 highest rated app, but it had a dark secret. Instead of removing viruses and malware from iOS devices, it was collecting all browser history, app store purchases, and more to bundle into an encrypted file to be sent...
It seems like every week I'm posting about another data breach or hack and this week is no exception. RoboCent, a political robocall firm, left exposed an AWS bucket that had voter records for hundreds of thousands of US voters. The data exposed included names, addresses, phone numbers, age and...
Data breaches are occurring more and more often these days and it's apparent the companies that collect our data aren't too interested in keeping it safe. The latest breach is from Adidas and they have emailed customers to let them know that their user names, contact information and encrypted...
Marketing firm Exactis has leaked the personal information of close to 340M individuals in the US. That's pretty much almost every US citizen. Email addresses, addresses, phone numbers as well as family information like number of children, genders and much more are in this leak. This is even...
The California senate has approved a strict data breach law that allows both customers and non-customers alike to sue third-party data brokers for damages caused by a breach. The bill will allow damages of $1K per breach or monetary damages - whichever is greater. This bill is a reaction to...
If you used your credit card at a Chili's restaurant in March or April of this year, the restaurant is stating that it is possible that your credit card information was collected by "unauthorized access." But have no fear, Chili's is working tirelessly to find out who did this. As for what is...
Everyone by now knows that Equifax had a data breach that exposed over 140 million consumers personal information to include social security numbers. What most people didn't know was the full scope of the breach and now Equifax has released the information to the Securities and Exchange...
Once again a poorly configured AWS S3 bucket has exposed millions of users personal data. The culprit this time is social network data aggregator LocalBlox and they left their bucket of 48 million records open for anyone to take a look at. The information contained names, addresses, DOB...
Uber and the FTC have agreed on an expanded settlement over the 2016 data breach of millions of customers information. The FTC claims Uber mislead their customers about their privacy and security practices and then hid the 2016 data breach from the FTC. Not a good idea to hide a data breach...
According to a recently released IBM report, data breaches in 2017 declined by 25 percent from the previous year. This is good news, but the bad news is the use of ransomware is on the rise and this is the reason for the data breach decline. If you think about this it makes sense because all...
A judge in Massachusetts has denied a motion to dismiss from Equifax and is going to allow the state to sue them for the massive data breach that exposed personal information from millions of consumers last year. In my opinion this is a good ruling by the judge and this is just the beginning of...
In this day and age of your privacy getting spilled out across fiber optic and CAT 5 cables everywhere, Aetna digs down deep to find an old fashioned way of outing your personal information. And while I am joking about this, it is actually a fairly serious violation of privacy that most...
In the it's about time department, Senate Democrats have submitted a bill that will provide for jail time for executives that conceal data breaches. Maybe with something like this in force these big companies might actually take cybersecurity seriously and protect our private data to the best...
Mozilla engineers have come up with a pretty cool add-on for Firefox. It's a notification system that tells a Firefox user whether or not the site they are visiting has had a data breach. This is a nice feature and it will take some of the guess work out of knowing who is somewhat secure or...
It appears that Sonic Drive-In may be another victim to a data breach. This follows the credit card breach fast food company Wendy's experienced earlier last year. The drive-in fast food chain has nearly 3,600 locations. Be sure to check on your credit card accounts for any unusual transactions...
According to the former CEO of Equifax, Richard Smith, his company has 225 employees. During a live stream to a federal subcommittee, Mr. Smith says that due to "human error," the individual solely to blame failed to notify the organization of the patch required to fix its security hole. The...