Justdial Smacked By a Subsequent Security Breach in Two Weeks; Poor OpSec To Blame!


Justdial, a well-known Indian hyper-local search engine, recently suffered two security breaches in the span of two weeks.

Only a few weeks ago, the database of all Justdial customers was laid bare on the dark web, and now the reviewers’ data has been exposed as well.

A company with more than 134 million QUA can’t afford to make such reckless mistakes.

On April 18th, the private data of over 100 million users stored in the search engine’s database, including names, addresses, email IDs etc., was laid out in the open.

The organization attributed the breach to an expired API which allowed anyone to access the data of users. A major percentage of those affected were hotline number users.

Security researchers were the first to discover the breaches that hit Justdial. They also said that no specific action was taken against them.

Justdial denied these claims, stating that the data was stored in a double-encrypted format.

The same group of researchers found another lacuna in Justdial's API on April 29th.

This time, the people who post reviews were harmed, as their data was exposed.

Reportedly, the API connected to Justdial’s reviewers’ database had been unprotected since the company’s foundation.

Hence, the reviewers’ names, mobile numbers, locations and more became easily accessible thanks to the loophole.

But this issue was immediately fixed, according to the reporters.

No matter what happened, the unprotected database and the loophole contributed largely to the data breaches.

Justdial employs a humongous database and hence has a large amount of data stored within it.

A weak API and poor “Operation Security” are largely to blame for all the breaches Justdial saw in these couple of weeks.

According to security researchers, API handlers and managers should be employed. Also, an easily implemented software switch could help in protecting the access points.


Also, the first breach should have been taken seriously and used as a lesson to help secure the system against future attacks.

It is evident that the company needs to strengthen its operational security and up its game in terms of securing the present loopholes and possible lacunae.

Phishing Scam Disguised As Some of Victims' Most-Trusted Websites Hits Google Chrome's Mobile Browser




A shockingly simple yet convincing phishing scam has struck Google Chrome's mobile browser, camouflaged as some of the victims' most trusted sites.

Referred to as the 'Inception Bar', it targets Android users of Chrome by using a fake address bar that shows not just the name of a real site but also an SSL badge, used to confirm a site's authenticity, indicating that the page is protected.

This 'Inception Bar' is basically a webpage inside a webpage: even if a user tries to scroll back up to the top of the page to reach the address bar, they are forced back down, trapped in the fake page.

According to developer Jim Fisher, who posted about the exploit on his own blog, hackers can use a blend of coding and screenshots to trick victims into surrendering their private information.

Fisher even demonstrated that he was able to change the displayed URL of his own site to that of HSBC Bank.




This trick is especially valuable for scammers who try to disguise a malicious web page as a genuine one and steal sensitive data from users, such as passwords and credit card information.

With some additional coding, Fisher says, the trick could be made more advanced, simply by making the fake bar interactive.

While his demo was done on Google Chrome, the trick could possibly affect other browsers with comparable features.

In any case, Google has gone on to introduce a rather large set of new security features that explicitly target phishing, including forbidding embedded browsers and other features that notify users when they're browsing a 'potentially harmful' website.


Hackers released around 845GB of username and password dump from old breaches



According to Kaspersky Lab, the database of users with billions of passwords, published at the end of January, was collected from well-known old leaks.

On January 31, Wired reported that hackers released a giant database that contains 2.2 billion unique usernames and passwords. In total, the entire archive of stolen data was the size of 845 gigabytes.

Kaspersky Lab studied this database and concluded that it does not contain any new information.

"This is a database of already known old leaks," said a representative of Kaspersky Lab.

It’s interesting to note that among the stolen data were accounts for such popular services as Yahoo, LinkedIn and Dropbox. All three of these companies previously reported major leaks of their databases. Russian hackers were suspected of involvement in the thefts.

However, Kaspersky Lab experts advised users to check whether their email appears in the database through the website https://haveibeenpwned.com and to change passwords for their most important accounts.


Russian Hacking Group Targets The German Government’s Internal Communications Network


An infamous Russian hacking group known as Fancy Bear, or APT28, is widely considered responsible for a security breach in the private networks of Germany's defence and interior ministries, as affirmed by a government spokesman.

It is said to be behind the breaches in the 2016 US election as well as various cyber-attacks on the West. The group is reported to have targeted the government's internal communications network with malware.

According to reports by the DPA news agency, the hack was first recognised in December and may have lasted up to a year.

"We can confirm that the Federal Office for Information Security (BSI) and intelligence services are investigating a cyber-security incident concerning the federal government's information technology and networks," a German interior ministry spokesman said on Wednesday.




The group apparently hacked into the "Informationsverbund Berlin-Bonn" (IVBB) network, a government computer system specifically designed to operate separately from public networks for additional security. The system is used by the German Chancellery, parliament, federal ministries and a few security institutions.

Fancy Bear, also called Pawn Storm, is believed to run a global hacking campaign that is "as far-reaching as it is ambitious", according to a report by computer security firm Trend Micro.

Palo Alto Systems, a cyber-security firm, on Wednesday released a report saying that Fancy Bear now appears to be using malicious emails to target North American and European foreign affairs officials, including a European embassy in Moscow.

"Pawn Storm" was also blamed for a similar attack on the lower house of the German parliament in 2015 and is likewise thought to have targeted the Christian Democratic Union party of Chancellor Angela Merkel.

Authorities in the country issued repeated warnings about the potential for "outside manipulation" in last year's German election.

The hacking group has been linked to the Russian state by various security experts investigating its international hacks and is also known by several other names, including CozyDuke, Sofacy, Sednit and Tsar Group.


Hacker breaks into Telangana’s TSPost website, exposes flaw

Indian government sites are often criticized for their lack of cyber security and safety of people’s information. Pointing out a flaw in Telangana government’s NREGA portal, French hacker and independent security researcher Robert Baptiste hacked into the state government’s website.

He reportedly contacted the site owners regarding the issue and after receiving no response for some time, published his results on social media.


The website (http://tspost.aponline.gov.in) was vulnerable to one of the most basic web hacking techniques, SQL injection. It has now gone offline in the wake of this news.

“A basic SQL injection allows an attacker to access the database of the website,” Robert said. “To be clear, all the data on this website can be a dump. Telangana government officials say they are working to fix it. For this website, they have to hire decent web developers to protect it from attacks.”

TSPost, Telangana’s government benefit disbursement portal, contained the account details and Aadhaar numbers of over 56 lakh NREGA beneficiaries and 40 lakh beneficiaries of social security pensions.

Using the SQL injection, Robert was able to access not just the Aadhaar and account details from the website but also the API keys of UIDAI’s Aadhaar database, access to which could enable anyone capable enough to make a fake Aadhaar app that could be uploaded to Google Playstore for malicious use.

This is one of the many cases pointing out how vulnerable the Aadhaar system is to hacking and security breaches.

Unknown Hackers demand Ransom in Bitcoin

Recently, news emerged of a ransomware attack in Old Delhi after three of the victims came forward to reveal more about the attack. The victims, who are traders, were asked by the unknown hackers to pay a ransom in Bitcoin.

The hackers, who are believed to be from either Nigeria or Pakistan, encrypted files on the businessmen's computers, which included key records. According to the police, the hackers then coerced the victims and gave them links to purchase bitcoins, with which they had to make payments for the release of critical documents.

“Some traders paid in Bitcoins and got their data back. Some deposited the money from abroad. When my data was hacked, I spoke to fellow traders and learnt that there were other such cases. I wrote to the hackers and they agreed to decrypt the files for $1,750 (around Rs 1.11 lakh),” Mohan Goyal, one of the victims, was quoted as saying in the report.

According to reports, the hacked traders found a message displayed on their computers saying that there was a 'security issue' in the system. The traders were then given case numbers and email addresses for correspondence. At first, the hackers offered to decrypt five of their documents and files for free, and later demanded the payment of a ransom for the rest of the records.

While one of the IP addresses used by the hackers was purportedly traced back to a system in Germany, fingers remain pointed towards hackers from Nigeria and Pakistan.

Experts say that receiving the money in bitcoin works for the hackers because it makes the money difficult to trace. The Delhi crime branch, which registered the FIR, has already sent the hard disks of the complainants for further forensic tests. So far, three complaints have been registered by the police, and it is believed that the number of victims could be much higher.

Larceny of $70 million from the largest crypto-mining marketplace

A notice announcing "service unavailable", along with an official press release, was displayed on the website of the Slovenian digital currency mining firm NiceHash, which it said endured a hack of its Bitcoin wallet on the seventh of December.

In a video update streamed live on Facebook, CEO and co-founder Marko Kobal provided an update to the rather startling declaration that the organization, established in 2014, had been subjected to a hack and ensuing theft which also compromised its payment system.

The news was accompanied by increasing reports of emptied wallets as well as an extended downtime period for the service's website; all operations on the website in question have been halted for the following 24 hours.

According to Kobal, the attack began in the early hours of December 6 after a worker's PC had been compromised. He added that their team is working with law enforcement and clarified that "we're still conducting a forensic analysis” to determine how it all happened and to establish the exact amount of bitcoin that was stolen.

Kobal went on to state that he couldn't give additional details; however, he added that the attack appears to be “an incredibly coordinated and highly sophisticated one.”

However, the Wall Street Journal reported that Andrej P. Škraba, the head of marketing at NiceHash, confirmed to the outlet that roughly 4,700 bitcoins, worth up to $70 million, disappeared from NiceHash's bitcoin wallet. Škraba also told the Journal that he, like Kobal, believed that "it was a professional attack", but would not give any more information on the matter, noting that further developments would be released at a later date.

NiceHash, which advised its clients to change their online passwords after it stopped operations on Wednesday, has given only a few other details about the attack on its payment system.

"We ask for patience and understanding while we investigate the causes and find the appropriate solutions for the future of the service", it said on its website.

The Slovenian police said that they were investigating the hack but declined to comment further.

Hack on cPanel exposes customer details

cPanel was hacked this weekend, exposing details of its customers, including their names, contact details, and encrypted passwords.

However, the hack did not affect payment information, which was kept on a separate system.

The firm warned its customers with older passwords to change them, though the likelihood of their exposure is low.

“Although current passwords are stored salted and encrypted, we are accelerating our move to stronger password encryption at the same time in order to minimize disruption. In order to safeguard the system, we will force all users with older password encryption to change their passwords,” said the company’s e-mail.

Though the breach is fairly minor, customers may be badly impacted if attackers make use of the exposed information.

The company has been operating since 1997 and promises its customers that it is the most reliable company in the web hosting industry.

Hilton payment system attacked

One of the largest US-based hotel chains, Hilton, revealed that hackers had infected some of its point-of-sale computer systems with malware crafted to steal credit card information.

They didn’t disclose what data was taken, but cautioned everyone who used payment cards at Hilton Worldwide hotels between November 18 and December 5 of last year or April 21 and July 27 of this year to check for any irregular activity on their debit or credit cards.

In an online post, Hilton said that the malware that infected its systems had the potential to retrieve cardholders' names, account numbers, security codes and expiration dates.

They further wrote that they are investigating the breach with the help of third-party forensics experts, law enforcement and payment card companies.

Starwood hotels, which operate the Sheraton and Westin chains, announced four days before Hilton that hackers had attacked their payment system, resulting in the leaking of customer credit card data at some of their establishments.

"The malware was designed to collect certain payment card information, including cardholder name, payment card number, security code and expiration date," the group said in a statement.

Starwood and Hilton are not the only ones whose payment systems have been hacked; last month, Trump hotels faced a similar cyber attack.

"We believe that there may have been unauthorised malware access to some of the computers that host our front desk terminals and payment card terminals in our restaurants, gift shops and other point-of-sale purchase locations at some hotels," Trump Hotel Collection said at a website devoted to details of the incident.

According to Trump hotels, the access could have taken place between May 19 of last year and June 2 of this year.

Brian Krebs, cyber threat blogger at KrebsonSecurity.com, described the cyber attack on payment systems as "just the latest in a long string of credit card breaches involving hotel brands, restaurants and retail establishments."




E-Trade notifies its 31,000 customers that their contact information may have been compromised


A report published in the Washington Post confirmed that E-Trade, a U.S.-based financial corporation which provides financial services, informed its 31,000 customers that hackers might have accessed their email and other addresses during a cyber-attack in late 2013.

However, the company claimed via email that the hackers did not get any sensitive customer account information, including passwords, Social Security numbers, or financial information.

According to the email sent by the company, it learned of the attack when federal law enforcement officials alerted it to evidence that customer contact information may have been breached.

The company has announced that it will provide one year of free identity protection services, which includes credit monitoring, to those whose information had been compromised.

According to the news report, a person familiar with the investigation, who spoke on condition of anonymity, said that soon after the attack the company launched an internal investigation while it worked with law enforcement.

However, during that time the company did not believe customer information had been compromised, the person added.


"Security is a top priority, and we focus significant time and energy to help keep E-Trade customer data and information safe and secure," a company spokesperson said in a statement. "We take these matters extremely seriously, and in all instances we continuously assess and improve upon E-Trade’s capabilities. We have also contacted any customers we believe may have been impacted."

New York Health Insurer's Security Hack Risks 10 Million Records

A New York-based nonprofit health insurance company, Excellus BlueCross BlueShield, declared on Wednesday (September 09) that cyber attackers had breached its Information Technology (IT) systems, exposing the information of as many as 10 million of its clients nationwide. Those affected include 7 million Excellus members and 3.5 million members under the affiliate Lifetime Healthcare Companies.

According to security experts, health care companies tend to hold large amounts of users' personal information, which is why they are increasingly becoming the target of hackers.

The company believes that the attackers may have gained unauthorized access to information of individuals' names, dates of birth, Social Security numbers, mailing addresses, telephone numbers, member identification numbers, financial account information and claims information.

Apart from this, the hackers might have got hold of the most personal information, exposing not only financial details but also violating the privacy of members' medical history.

The insurance company discovered the first cyber breach, which gave hackers the potential to access the records of its users, in August 2015.

According to Excellus spokesman Kevin Kane, the company had hired cyber security firm ‘Mandiant’ to conduct a forensic review of its computer system in view of the rise in attacks. The security firm found evidence of cyber break-ins dating back to Dec. 23, 2013, after which the Federal Bureau of Investigation was called in to notify the customers.

Though the company has so far found no data leaving the insurer's systems, nor any evidence that the compromised data has been used fraudulently, it plans to offer two years of free identity theft protection service from risk-mitigation and investigation to the affected users.

Arun Vishwanath, a professor at the New York-based University at Buffalo and an expert on cyber deception and information technology, said that health care breaches are more harmful as they impact the insurer’s “vendors, physician offices connecting to them, and accessible affiliates all over the country.”

In 2015, the Ponemon Institute in Michigan released a report stating that criminal cyber attacks on the US health sector had increased 125% since 2010.

The report also stated that healthcare organizations lacked the resources, processes and technology to prevent and detect attacks or protect the data, despite holding an abundance of personal information about their users, which has become the reason for the increasing cyber attacks on them.

There has been a string of attacks on the health insurance industry in the past year.

The breach on Excellus came six months after a breach at Washington's ‘Premera Blue Cross’ which had exposed the records of 11 million customers and seven months after a breach at ‘Anthem’ that disclosed up to 80 million records.

Earlier, UCLA Health System and CareFirst also suffered security breaches, putting their customers' details at risk.


Web.com hacked, 93000 customers credit cards info compromised

Florida-based internet service provider Web.com announced that one of its computer systems may have been breached, exposing the credit card information of approximately 93,000 customers.

The breach was reported on August 13; the company uncovered the unauthorized activity as part of its ongoing security monitoring and shutdown process. The stolen information included credit card information, actual names associated with the payment cards and residential addresses of the clients. But, the social security numbers and the verification codes were affected by the data breach.

The company owns two other well-known web services companies – Register.com and Network Solutions. Web.com says that computer systems at Network Solutions and Register.com weren’t affected in the attack.

Web.com, based in Jacksonville, Florida, is a website design, e-commerce, hosting and domain registration company which claims to have more than 3.3 million customers.


All affected customers are being contacted by email and mail, and are being offered one year of credit monitoring services.

Plex Forum hacked, change your password now


ALERT! Internet movie and television enthusiasts who have been using the PLEX media servers and the PLEX forums for their daily dose of entertainment: it's time to check your private credentials. PLEX, an online movie and TV library forum, has announced that its servers were hacked on the morning of 2nd July, 2015, which has left registered email addresses, user IDs and passwords vulnerable.

The company has clarified that only the accounts that have been used for accessing the services of PLEX forums have been compromised. Yet, it added that the accounts that were created through social media hyperlinks and were never used to access the forums are most probably vulnerable to data breach. The company has, however, stated that there has been no breach of credit card information, as it is never stored on the servers.

The company, after finding out about the attack, sent an email to users requesting them to reset their passwords. The email sent by the company follows:


Dear Plex User,

Sadly, we became aware this afternoon that the server which hosts our forums and blog was compromised. We are still investigating, but as far as we know, the attacker only gained access to these parts of our systems. Rest assured that credit card and other payment data are not stored on our servers at all.

If you are receiving this email, you have a forum account which is linked to a plex.tv account. The attacker was able to gain access to IP addresses, private messages, email addresses and encrypted forum passwords (in technical terms, they are hashed and salted). Despite the password encryption measures, we take your privacy and security very seriously, so as a precaution, we’re requiring that you change your password.

Be sure to choose a strong password, never share it, and never re-use passwords for different accounts! Even better, use a password manager (1Password, for example) to manage a unique password for you. Access to your Plex account will be blocked until you do so.

Please follow this link to choose a new password.

We’re sorry for the inconvenience, but both your privacy and security are very important to us and we’d rather be safe than sorry!

We will post more detailed information on our blog shortly. Thanks for using Plex!

Now the question arises whether the company can strengthen the security of its servers and continue providing the services without putting the privacy of its users at stake?


Hard Rock Hotel & Casino reports possible card breach

Hard Rock Hotel Las Vegas issued a statement on May 1 disclosing a security incident which may have affected customers' credit card information.

It said that the incident allowed hackers to access information about credit or debit cards used at certain Hard Rock Hotel & Casino Las Vegas retail and service locations.

The information affected includes names, card numbers, and CVV codes. However, the hackers did not have access to PIN numbers or other sensitive customer information.

According to the statement, the incident affected credit or debit card transactions between September 3rd, 2014 and April 2nd, 2015 at restaurant, bar and retail locations at the Hard Rock Hotel Las Vegas property, including the Culinary Dropout Restaurant.

The attack did not affect transactions at the hotel, casino, Nobu, Affliction, John Varvatos, Rocks, Hart & Huntington Tattoo or Reliquary Spa & Salon.

The hotel urged its customers to review their credit and debit card statements and to report any suspicious activity they notice on their bank accounts.

It also said that customers are not responsible for unauthorised charges that are reported in a timely manner.

They wrote that in order to protect their customers' identity, they have now engaged Experian®, the largest credit bureau in the US, which will offer the customers complimentary Fraud Resolution and identity protection for one year.

They said that Fraud Resolution assistance is available anytime; however, customers are requested to activate the fraud detection tools, which are available through ProtectMyID® Elite. It provides superior identity protection and resolution of identity theft.


In order to activate ProtectMyID®, customers have to request an activation code by email to hardrockhotel@protectmyid.com. Once they receive the code, they have to activate ProtectMyID® Elite at www.protectmyid.com/protect.

Harbortouch discloses a breach caused by malicious software


Harbortouch, which supplies point-of-sale (POS) systems to thousands of businesses across the United States, disclosed a breach in which some of its restaurant and bar customers were impacted by malware. The malware allowed hackers to get customer card data from the affected merchants.

A card issuer recently reported to KrebsOnSecurity that the concerned authority is ignoring the seriousness of the breach, and the company's disregard would affect more than 4,200 Harbortouch customers nationwide.

Before Harbortouch's disclosure, many sources in the financial industry suspected that there was a possibility of a breach at a credit card processing company.

According to an article published on KrebsOnSecurity, the suspicion grew whenever banks noticed card fraud that they could not easily trace back to one specific merchant.

Some banks wanted to know about the unrevealed fraud as stolen cards were used to buy goods at big box stores. They made some changes in the way they processed debit card transactions.

United Bank recently issued a notice saying that, in a bid to protect its customers after learning of a spike in fraudulent transactions in grocery stores and similar stores such as WalMart and Target, it has started a block under which customers will now be required to select ‘Debit’ and enter their ‘PIN’ for transactions at these stores while using their United Bank debit card.

Harbortouch issued a statement last week, in which the company said it has identified and contained an incident that affected a small percentage of its merchants. It also confirmed that malware had been installed on the POS systems. The advanced malware was designed in such a way that the antivirus program running on the POS system could not detect it.

Harbortouch, however, removed the malware from affected systems shortly after the problem was detected.

Mandiant, a forensic investigator, helped the company in its investigation.

The company explained in the statement that it does not directly process or store card holder data and only a small percentage of their merchants got affected for a short period of time. 

Currently, the company’s officials are working with the parties concerned to notify the card issuing banks that were impacted. After that the banks can conduct heightened monitoring of transactions to detect and prevent unauthorized charges.

However, according to sources at a top 10 card-issuing bank in the United States that shared voluminous fraud data with an author of KrebsOnSecurity on condition of anonymity, the breach extended to at least 4,200 stores that run Harbortouch’s POS software.

Nate Hirshberg, marketing director at Harbortouch, said the statements are not true.

White Lodging confirms second data breach at 10 hotels

White Lodging Services Corporation (WLSC), an independent company which manages more than 160 hotels in 21 states of America, has confirmed a second data breach on its credit card systems at 10 locations.

In a press release issued on April 8, the WLSC said that the suspected breach of point-of-sale systems at food and beverage outlets, such as restaurants and lounges, occurred from July 3, 2014 to February 6, 2015 at 10 hotels.

While it is believed that some of the breached locations were also among last year’s breached locations, the Indiana-based company clarified that the second was a separate breach.

According to a KrebsOnSecurity news report published on April 15, the site reported in February 2015, for the second time within a year, that multiple financial institutions were complaining about fraud on customers' credit and debit cards that were all recently used at a string of hotel properties run by the WLSC.

However, the company said it had no evidence of a new breach at that time; only last week did it confirm the suspected breach of point-of-sale systems at 10 locations.

Banking sources back in February 2015 said that the credit cards compromised in this most recent incident looked like they were stolen from many of the same WLSC locations implicated in the 2014 breach, including hotels in Austin, Texas, Bedford Park, Ill., Denver, Indianapolis, and Louisville, Kentucky.

“After suffering a malware incident in 2014, we took various actions to prevent a recurrence, including engaging a third party security firm to provide security and managed services,” said Dave Sibley, Chief Executive Officer (CEO) of the WLSC, in the press release.

“However, these security measures failed to stop the malware occurrence on point-of-sale systems at those 10 hotels. We will continue our investigation as it is necessary to protect the personal information entrusted to us by our valuable guests. We deeply regret and apologize for this situation,” he added.

According to the WLSC, the stolen data includes names printed on customers’ credit or debit cards, credit or debit card numbers, security codes and card expiration dates.

The company is offering a year’s worth of credit protection services for customers impacted by the breach, from Experian.

Database hacked at Biggby Coffee, personal information of customers at risk


A security breach at Biggby Coffee has potentially exposed personal information of some of its customers and job applicants.

Biggby Coffee, a leading coffee franchise business based out of Michigan, stores information such as a customer's or applicant’s name, date of birth, email address, address, telephone number, Social Security number, driver's license record and employment history.

However, the company maintains that no sensitive data such as financial information has been leaked; only details like names, contact details and employment history might have been exposed in the breach.

A spokeswoman for the company added that less than 20% of Biggby's customer data was affected and only information submitted via the website had been compromised. Also, the information accessed had nothing to do with the cash registers or point-of-sale systems in the stores.

The attack on the company's systems was discovered in the last week of March, when its web developer and hosting company, Traction, revealed that a criminal had forced their way into the system and accessed the consumer database.

The data breach has been reported to the police and FBI.

Hackers target Executive club members of British Airways

Being an executive customer at British Airways (BA) does not guarantee any better security from hackers. Thousands of executive customers found this out to their peril as BA confirmed the hacking of the accounts.

According to the company, it was not a direct attack on the central database; the attack was carried out on some account holders using information on the users available elsewhere on the internet. Also, the company maintained that only “a small number of frequent flyer Executive Club accounts” had been affected and though there has been some unauthorized activity, no sensitive information had been leaked.

Though the company said that the hackers had not gained access to any subsequent information pages, such as travel histories or payment card details within accounts, BA Executive Club (BAEC) account holders have registered complaints on the forums saying that their Avios points have been stolen. Avios points, which are accumulated through frequent travel, can be used for other flights or upgrades. Tier points have not been affected by this hack.

One user wrote, “My Avios balance, which was 46,418 yesterday, is suddenly zero.” Another said, “217,000 taken from my account this morning. 30 minute hold on the silver line.”

Other people are also reporting that they are unable to access their accounts at all, with their BAEC number not being recognized. The company responded that the accounts have been locked down in response to the breach and that all the points would subsequently be reinstated.

Some BAEC members affected by the issue have received emails requesting a change of password; those who have not but are still locked out of their accounts can call customer care.

For customers wanting to book flights now, bookings made by redeeming points might not be available pending resolution of the matter, but availability can still be checked.

Alternatively, if the options are available, one might try to book through Avios.com, which has not been affected.

However, with so many cases, it is best to wait for a few days till the situation becomes clearer.

Slack hacked, over 100k users data compromised


Slack, a team communication tool, has suffered a security breach of its central user database, potentially leaving users' login credentials in the hands of hackers.

Slack was launched in 2013 and its Android application has been downloaded by more than 100,000 users so far (according to the Google Play store).

The company confirmed the breach in a company blog post. The unauthorized access took place for about 4 days in February.

The database accessed by the intruders included usernames, email IDs, and hashed passwords. It also contained optional data added by users, such as phone numbers and Skype IDs.

On the bright side, Slack didn't store the passwords in plain-text format. The passwords have been hashed with bcrypt and a randomly generated salt. This does not mean hackers will be prevented from accessing your account; it will just slow down the process and give you time to take action. Also, no financial or payment data was compromised in this attack.

In the wake of the security breach, the company has strengthened its authentication security. One of the measures is "2 step authentication": a verification code in addition to your normal password whenever you sign in to Slack. Let's hope the company also fixes any other vulnerabilities in its website.

Data Breach at Sacred Heart Health Systems


A security breach at one of the third-party vendors of Sacred Heart Health Systems has resulted in the exposure of health and personal information of approximately 14,000 patients.

Through a phishing attack that gave them access to the email account of an employee of the billing vendor, hackers were able to access patients’ names, dates of service, dates of birth, diagnoses and procedures, total charges, and physicians’ names; the Social Security numbers of 40 of the patients were also compromised.

The incident was first discovered on Dec. 3, 2014, and the employee's username and password were immediately shut down. On Feb. 2, 2015, Sacred Heart was notified of the attack.

They immediately launched an internal investigation, engaging computer forensics experts to analyze the incident and help accurately identify those affected, and they sent letters to all affected patients informing them about the hacking attack. The hacker has not been identified.