Cape May-Lewes Ferry Confirms Credit Card Data Breach


The Cape May – Lewes Ferry has confirmed its payment data systems were infiltrated by hackers who took payment card data on certain systems at the Cape May-Lewes Ferry’s terminals and vessels.

Delaware River and Bay Authority(DRBA) that operates the Cape May – Lewes Ferry learned of a possible data breach on July 30 - The same day Jimmy John's learned of the data breach.

The organization with the help of third-party cyber forensic experts has determined that its card processing systems relating to food, beverage , and retail sales only were compromised.

Credit and Debit card data of individuals who have made purchases from September 20, 2013 through August 7, 2014 at the Cape May – Lewes Ferry ’s terminals and vessels at risk.

The malware planted by the cyber criminals has been eliminated.  The card data accessed by the malware includes card numbers, cardholder's names and/or card expiration dates.

DRBA is offering free identity protection services, including credit monitoring to affected customers.

Jimmy Johns hit by Point of Sale(POS) Malware

Jimmy John's is the latest company hit with Point-Of-Sale(POS) information breach. 

The Illinois based sandwich shop said it learned of the hack on July 30 and immediately hired security experts to help with the investigation.

In July, Brian Krebs reported that multiple financial institutions were seeing fraud on cards that had all recently been used at Jimmy John's locations.  He also reported that the stores are using pos systems made by a third party vendor Signature Systems Inc.  At the time,  the breach was not confirmed.  After nearly two months, the company confirmed it.

According to the company's statement, hackers stole log-in credentials from its POS vendor and used them to gain access to Jimmy John's POS systems.

The Signature Systems also confirmed the breach that attackers gained access to user name and password that they used to remotely access the POS systems.

The attackers then installed a malware which is designed to capture payment card data from cards that were swiped through terminals.

The information including card number, verification code, expiration date and card holder's name are at risk. The company says the information entered online such as email ids,passwords are not affected.

The incident affected approximately 216 Jimmy John's stores.

Monsanto hacked, 1300 individuals affected

Monsanto, a chemical and agricultural biotech corporation, has admitted that hackers managed to breach the server of its subsidiary Precision planting.

The breach occurred in late March, affecting less than 1,300 customers and employees.

The affected server contained sensitive information including customer names, addresses, tax ID numbers, Social Security numbers and financial information.

The server was also used for storing Human Resources Department data which includes employee names, addresses, social security numbers and driver's license numbers of small number of employees.

The company claims that it does not believe the breach was an attempt to steal customer information.

The affected individuals are being offered one year free membership of credit monitoring and identity theft insurance. 

Spotify suffers Data Breach, You should upgrade the android app

Music Streaming Service Spotify is the latest high-profile company to report a Data breach.  Spotify has announced on its blog that it had been hacked.

According to the blog post, the breach affected only one user.  The affect user has been notified about the incident.  The company says the breach did not involve any password, financial or payment information.

"Based on our findings, we are not aware of any increased risk to users as a result of this incident." Oskar Stål, Chief Technology Officer at Spotify said in the blog post.

As an additional security measure, the company also recommends android users to upgrade their spotify application.  iOS and Windows Phone users do not need to take any actions.

"We apologise for any inconvenience this causes, but hope you understand that this is a necessary precaution to safeguard the quality of our service and protect our users." the blog post reads.

Avast community forum hacked, user names and passwords stolen

Antivirus firm Avast said it took its community forum offline following a hacking attack compromised its database.

User names, email addresses,nick names and passwords were compromised in this attack.  The breach did not involve any financial data, license or any other data.

While the passwords are hashed(SMF forum software uses SHA-1 with a salt to store passwords) , it will not take much time for a hacker to crack the hashes. The longer the password, the harder it is to crack.

According to Avast blog post, the security breach affects less than 0.2% (about 400,000) of Avast's 200 million users.

People who uses the same password on other websites are advised to change those passwords immediately. 

Until now, their forum used an open source community software called "Simple Machines Forum(SMF)".  It appears the Avast is using an outdated version of SMF.


Avast said it is now "We are now rebuilding the forum and moving it to a different software platform" which will be secure one.

eBay hacked, Encrypted passwords and non-financial data stolen


If you have an account in eBay, it is time to change your password!

E-commerce company eBay Inc urges users to change their passwords following a security breach impacting a database containing encrypted passwords and non-financial data.

The database accessed by hackers includes customers' information such as names, encrypted passwords, email IDs, birth dates and phone number.

eBay said it had found no evidence that any financial or credit card information, which is said to be stored in separate database server in encrypted format. 

The company also said a small number of employee login credentials have been stolen in the breach, which allowed intruders to gain access to its corporate network.

The company said the breach happened between late February and early March.

eBay can sent out all the "Offer" mails to users immediately...but why it is taking long to send a security warning?! Once they know the attack has happened and details have been compromised, why wait?!

Bitly website hacked, accounts credentials compromised


Bitly(bit.ly), the Popular URL shortening service, has issued an urgent security warning about a security breach that exposed account's credentials.

The company says they found no evidence suggesting that any accounts have been accessed by the intruders.  However, as a precaution, the company has disconnected users' facebook and twitter accounts.

"We invalidated all credentials within Facebook and Twitter" the blog post reads.

Although the social media accounts appear to be connected with bitly account,  users won't be able to publish anything until they reconnect the accounts. 

Users are advised to take the following steps to reset their OAuth tokens and API Keys:

1) Log in to your account and click on ‘Your Settings,’ then the ‘Advanced’ tab.

2) At the bottom of the ‘Advanced’ tab, select ‘Reset’ next to ‘Legacy API key.’

3) Copy down your new API key and change it in all applications. These can include social publishers, share buttons and mobile apps.

4) Go to the ‘Profile’ tab and reset your password.

5) Disconnect and reconnect any applications that use Bitly. You can check which accounts are connected under the ‘Connected Accounts’ tab in ‘Your Settings.’
Bitly says "they have already taken proactive measures to secure all paths that led to the compromise". 

Eircom recommends customers to change password after detecting Intrusion

Eircom, an Ireland Based Telecommunications company, has apologized to its users after it was forced to shut down its email service on Wednesday, after detecting an unauthorized access to the email system.

"we took immediate steps to lock down our email service and eliminate any threat to our 350,000 eircom.net email users" The company said.

The company said they found no evidence suggesting that the Inruders have gained access to any other systems or services including customer data.

They also recommend their customers to change their email accounts passwords and on a regular basis in the future.  If you have used the same password anywhere else, it is better to change their also.

After implementing a number of system modifications, access to eircom.net email had been fully restored.

The company said it is still trying to find out the cause of intrusion and had alerted relevant bodies including the Office of the Data Protection Commissioner.

AOL security breach affects a significant number of users


Over the past few days, a large number of AOL users reported of being victim to Email Spoofing attacks -- Recipients received emails purportedly from their friend's email ID containing links to spam web pages. 

Today, AOL said it had launched an investigation into the security breach that allowed hackers to access its users' data including email IDs and encrypted passwords.

The company said it is working with cyber forensics experts and federal authorities to investigate the security breach.

AOL have determined that the following information have been accessed by intruders : Email IDs, postal addresses, address book contact info, encrypted passwords and encrypted answers to security questions and certain employee info.

AOL said it has no information indicating that the encryption on passwords or answers to security questions was broken.  Also they believe this breach doesn't involve any financial data.

AOL suggest users to change their password as well as security questions.

Michaels confirms security breach affecting 2.6 Million cards

After over two months of investigation, Michaels stores has finally confirmed the payment card data breach affecting approximately 2.6 million cards.

The compromised data includes Payment card information such as numbers and expiration date for the payment cards.  However, there is no evidence that other data such as names, PINs,addresses have been accessed.

The data breach occurred between May 8, 2013 and January 27, 2014.  The company said only a small percentage of cards(7%) used at Michaels stores during this period were impacted by this breach.

The company is offering one year free credit card monitoring.  After receiving limited reports of fraud,  the company is also offering one year free identity protection and fraud assistance services.

The location of affected stores and dates of exposure are listed here.

Aaron Brothers, one of the subsidiaries of Michaels stores, was also attacked by criminals.  The breach which took place between june 26,2013 and Feb 27,2014 have affected approximately 400,000 cards.

"We have now identified and fully contained the incident, and the malware no longer presents a threat while shopping at Michaels or Aaron Brothers" The retailer said they have removed the malware in question. 

Details of Over 480,000 people stolen from The Harley Medical Group


Hackers breached the server of an UK Plastic & Cosmetic Surgery company The Harley Medical Group and compromised personal details of over 480,000 people.

The individuals who have submitted their data via an initial inquiry form on the company's website were affected by this breach.

The information accessed by attackers include the names, email IDs ,date of birth, addresses and phone numbers , according to Hot For Security.  No clinical or Financial information has been accessed by attackers.

The company said it believed the attack was an attempt to extort money from the company.

"We have informed the police and will continue to provide whatever assistance they may require to track down the perpetrator of this illegal act" Harley chairman Peter Boddy said in the letter.

LaCie Security Breach went unnoticed for a Year


If you used a credit or debit card to purchase electronic items at LaCie's website last year, you may want to eagle-eye your card statements.

LaCie, French Computer Hardware company specializing in external hard drives, announced that it fell victim to a security breach that put customers' personal information and financial information at risk.

The company says cybercriminals used malware to infiltrate their website.  After getting notification from FBI on March regarding the breach, LaCie hired cyber forensic investigation firm.

Customers who made transactions between March 27,2013 and March 10,2014 were affected by this data breach.

According to an incident notification, customers' usernames, passwords, names, addresses, email IDs, credit and debit card information are all at risk.

Customers' passwords have been reset. e-commerce portion of the site has temporarily been disabled while the company "transition to a provider that specializes in secure payment processing services".

55,000 Social Security Numbers exposed in VFW.org security breach

The Veterans of Foreign Wars(VFW.org) of the United States recently began notifying affected users that hackers were able to their personal information.

In February 2014 , attackers compromised the VFW's website and planted malicious code that infects users' system with malware who visits vfw.org from vulnerable Internet Explorer versions.  The attack was believed to be originated from China.

An investigation into the incident shows that names, addresses and social security numbers of approximately 55,000 VFW members were compromised in the breach.

The letter dated April 4 said back in March VFW became aware of the security breach.

"VFW has been informed that the purpose of the attack wasn't identity theft, but rather to gain access to information regarding military plans or contracts" The letter reads.

VFW said they are offering one free year of identity theft protection services from AllClear ID to the affected members.

GovWin IQ website hacked, credit card information of 25,000 at risk

GovWin IQ System run by an enterprise software and information solutions provider Deltek suffers a security breach that puts information of around 80,000 employees of federal contractors at risk.

GovWin  are designed specifically for Government Contractors aiming to grow their business.

The breach occurred sometime between July 3,2013 and November 2,2013.  However, the company came to know about the breach only on March 13,2014.  

The hacker exploited a security vulnerability in the GovWin IQ System and managed to access customers' data.  The information accessed by hackers includes Names, billing addresses, phone numbe,s. and business email IDs.

According to Federal News radio report, the hackers also had access to credit card information of about 25,000 of those affected customers. Those who had card information compromised are being offered free credit monitoring services.

The company says it is cooperating with law enforcement on this case.  They have also hired a cyber security forensic firm. They also claimed to have arrested the hacker believed to behind the breach.

Germany's biggest data theft, 18 million emails and passwords stolen


18 Million email addresses and passwords have been stolen in what is being called the biggest data theft in Germany's history.

The compromised accounts are reportedly being misused for criminal purposes such as spreading spam emails.

The authorities have determined that at least three million of compromised accounts belong to German citizens(accounts ending with '.de').  The rest had international domain extensions such as '.com'.

It is still unknown exactly how many German and people from other countries have been affected by this massive data theft. 

A spokesperson for the states prosecutor's office in Verden, Lower Saxony, Germany, told The Local that they are currently in the process of determining how hackers accessed 18 million accounts.

It is second major data theft in Germany this year.  In January, German authorities announced that hackers accessed 16 million email addresses and passwords.

Spec's breach affects 550,000 customers

Texas liquor store Spec's says it experienced a cyber attack on its network  that exposed personal and financial information of more than a half million customers.

The company issued a statement saying the breach affects fewer than 5% of its total transactions.  Those who shopped at one of the 34 their affected stores were affected by this breach.

According to the statement, the attack began on October 31,2012 and may have continued through March 20 of this year.

The exposed information includes names, credit/debit card number, expiration date and card security code or check information including Bank account number, bank routing number, birth dates, driver's license number.

Spec's spokeswoman Jenifer Sarver told the Houston Chronicle that the breach affected "an estimated fewer than 550,000" customers and Spec's employees.

Spec's says it's working with United States Secret service in ongoing criminal investigation to arrest the attackers and taking steps to prevent future attacks.

Data breach at Seattle Archdiocese affects 90k employees and volunteers

Hackers breached the database of Seattle Archdiocese and compromised the data belong to thousands of employees and volunteers.

Church conducts a background check for employees and volunteers where they are asked to give their Social Security numbers, which will be stored in a database.

According to reports, this database has been compromised by attackers which reportedly affects more than 90,000 employees and volunteers. 

The Archdiocese has reported the data breach to the FBI and IRS.  A cyber forensic team is trying to determine the source of the breach.

Those who think they might have been affected are advised to contact the IRS identity protection specialized unit.

Hackers compromised 300k personal records from University of Maryland

Hackers breached University of Maryland's computer and compromised data belong to more than 300,000 people affiliated with the school on its College Park and Shady Grove campuses.

Details of students, staffs have been compromised in this security breach.  The accessed information includes Social Security numbers, names, birth dates and university ids, reports TwinCities.com

On Tuesday, 4 a.m, an Intruder gained access to a database containing information dating to 1998.  Other than stealing the data, the hacker didn't do any damage for the server.

University President Wallace D. Loh. said school officials are investigating the security breach and trying their best to prevent such kind of attacks in future.

Loh said they are also working with Law enforcements authorities. Computer forensics experts are examining the logs to determine how intruders gained access.

University plans to offer one year free credit card monitoring service to those who affected by this breach. 

KickStarter kicked by Hackers, username and password stolen

Online Crowdfunding website KickStarter is to be the latest high-profile website reporting security breach.  KickStarter became aware of the breach, after receiving a notification from Law enforcement.

Hackers breached their website( kickstarter.com) and gained access to the user's information including usernames, encrypted passwords, email IDs and phone numbers.  The company says there is No Credit card data compromised in this breach.  

Even though the password is encrypted one,  we aware the fact that attackers with enough computing power can easily crack those passwords.

The company informs that two accounts have been accessed by hackers so far.  All users are recommended to change their password immediately for the KickStarter website.

If you are using the same password in any other websites(most of us do), you are also advised to reset the password there also.

"We’re incredibly sorry that this happened. We set a very high bar for how we serve our community, and this incident is frustrating and upsetting." the company apologizes in their blog post.

Target data breach started with a Spear phishing attack targeting HVAC firm

A latest information on Target data breach published by security blogger Brian Krebs shows the power of Social Engineering attacks. 

It appears everything began from a spear phishing attack in which employees of HVAC company Fazio Mechanical Services targeted with an email containing a piece of malware.

Sources have told Krebs that the malware used in the attack is Citadel- a notorious banking trojan capable of stealing login credentials and other information.  However, Krebs isn't able to confirm the information.

The reason why the company didn't get chance to identify the malware is because it is using a free version of Malwarebytes Anti-malware to protect is internal systems.

Malwarebytes is one of good tool capable of scanning and removing threats from infected machines.  However, unlike the Pro version(just $25), it doesn't offer any real-time protection.

Furthermore, the free version is meant for individuals not for companies, also the license for free version prohibits corporate use.