Entries in security breach (9)

Thursday
Sep222016

Yahoo finally confirms 2014 breach that affected over 500 million users

The Yahoo breach first broke in August when a hacker called Peace was promising to sell 200 million usernames, passwords, birthdates, and email addresses for less than US$2,000. Yahoo wouldn’t confirm the legitimacy of the attack but now we finally get confirmation that the company was victim of a “state-sponsored” attack back in 2014. Yahoo elaborated on a statement on its investor relations site the types of data the hackers might have had access to. "The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers," the statement reads. This doesn’t include sensitive payment information but the hack is considered large enough that Yahoo is working with law enforcement to see what happens.

There is no word yet if there will be a government investigation brought about by this incident. Yahoo hasn’t also said why it took so long to publicly confirm the report. It could do with the fact that the beleaguered company is selling itself to Verizon and the news could cause harm to the deal before it officially closes in early 2017.

Source: Engadget

Monday
Jul202015

Ashley Madison breach raises another red flag on online security

By Gadjo Cardenas Sevilla

Ashley Madison's entire business plan is hinged on their ability to securely store customer's information including intimate photographs, personal profiles and chats. The website was recently hacked and 37 million customer's accounts were reportedly taken and hackers are threatening to leak all this information online unless the site is completely shut down.

Ashley Madison is a website and online community that unabashedly encourages people to have extramarital affairs. It is a dating site designed around making it easy to find various attached partners for casual encounters and no-strings attached sex.

Ashley Madison's entire business plan is hinged on their ability to securely store customer's information including intimate photographs,  personal profiles, sexual fantasies and intimate chats. Their homepage boasts a 'Trusted Security Award,' it promises a '100 % Discreet Service,' and is an 'SSL Secured Site.'

Despite this, Ashley Madison was recently hacked and 37 million customer's accounts, mostly from the US and Canada, were reportedly taken and hackers are threatening to leak all this information online unless the website property is closed down. 

Click to read more ...

Thursday
May222014

Now may be a good time to change your eBay password

eBay has been hacked in what many called a historic breach with 145 million user records taken by hackers. This breach happened three months ago and we're only hearing about it now. User passwords were among the many bits of information taken so every eBay buyer and seller should go in and change their password to make sure thaty they are safe from further invasion. 

Click to read more ...

Sunday
Apr272014

Internet Explorer security flaw puts users at risk

Security firm FireEye has discovered a security flaw in Internet Explorer, particularly version 9 to 11, that lets hackers gain full access to your computer.  FireEye said the active exploit also targets Adobe Flash and it lets hackers install programs on your PC, view and delete information, etc. by just visiting a site. A quick remedy is to stop using IE and opt for Chrome or Firefox. But if you are sticking with IE, Microsoft has published advanced methods you can use.  There is no patch at the moment but Microsoft is reportedly working on it.

Source: The Verge