Data loss

(get it in RSS or Atom)

Movie site Vudu resets passwords after burglar nabs hard drives

by Lisa Vaas on April 11, 2013 | 1 Comment

Video site Vudu resets passwords after burglar nabs hard drives

Burglars broke into offices at video service Vudu late last month and stole hard drives containing customers' personal data, the company told customers in an email sent on Tuesday.

The 'What's Worse Security Championships finals' - Vote now

by Naked Security writer on April 8, 2013 | 4 Comments

To honour the March Madness sporting finals, we adapted the concept and launched our very own What's Worse Security Championships. Join the thousands of others and place your vote now in the finals.

Monday review - the hot 17 stories of the week

by Anna Brading on April 8, 2013 | Leave a comment

Monday review - the hot stories of the week

Catch up with everything we've written in the last seven days - it's weekly roundup time.

Scribd, "world's largest online library," admits to network intrusion, password breach

by Paul Ducklin on April 5, 2013 | 2 Comments

San Francisco-based document sharing site Scribd has admitted to a network intrusion.

Details are scant, but fortunately a notification published by the company suggests that no more than 1% of users are at risk...

Mobile device security in the US military comes under fire

by Beth Jones on April 2, 2013 | 7 Comments

A recent report by the US Inspector General revealed staggering flaws in the US military's management of mobile devices, and a severe lack of basic IT security protection in place for such devices.

Monday review - the hot 13 stories of the week

by Anna Brading on April 1, 2013 | Leave a comment

Catch up with everything we've written in the last seven days with this handy weekly roundup

Many Amazon S3 cloud storage users are exposing sensitive company secrets, claims report

by Lisa Vaas on March 29, 2013 | 1 Comment

A security researcher tested a slew of (probably inappropriately misconfigured) storage buckets and found about one in six were open to the public, exposing content we think companies would probably have preferred remain private.

Lisa Vaas explores what has happened.

Monday review - the hot 21 stories of the week

by Anna Brading on March 25, 2013 | Leave a comment

It's weekly roundup time. Here's all the great stuff we've written in the past seven days.

Apple password reset website - gaping hole found, fixed

by Paul Ducklin on March 23, 2013 | 6 Comments

Apple has had a good-bad-good-bad week of it in the computer security environment.

Its announcement of two-step verification for some users was quickly followed by a report of a password recovery exploit for everyone else...

Apple introduces two-factor verification for Apple IDs

by Paul Ducklin on March 22, 2013 | 13 Comments

After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.

Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...

IT admin pleads guilty to hacking into and spying on New Jersey mayor's email

by Lisa Vaas on March 22, 2013 | 9 Comments

Patrick Ricciardi configured computer systems to collect all emails sent to the mayor and two high-ranking city employees.

He did it, he said, to see if his job was secure. We can say with reasonable certainty now that it is not.

AT&T hacker "Weev" sentenced to 41 months in prison, after obtaining the email addresses of 100,000+ iPad users

by Lisa Vaas on March 19, 2013 | 5 Comments

Andrew Auernheimer has been sentenced for the federal crimes of obtaining the personal data of over 100,000 iPad owners from AT&T's publicly accessible website.

Besides his prison sentence, he's facing 3 years of probation and, together with another convicted hacker, paying restitution of $73,000.

Bring your own: More practical advice for handling smartphones in the workplace

by Ross McKerchar on March 18, 2013 | 4 Comments

Your workforce wants anytime, anyplace access to applications, but you have a network to protect. Here are a few ideas to make life harder for the bad guys, while making you the good guy.

American retailer Genesco sues Visa, demands $13m in PCI-DSS data breach fines paid back

by Paul Ducklin on March 14, 2013 | 2 Comments

Genesco, a massive American retailer, suffered an intrusion by cybercrooks in 2010. It was subsequently "fined" over $10m by the payment card industry.

Now it wants its money back...

$5 million class action lawsuit over LinkedIn data breach dismissed

by Lisa Vaas on March 8, 2013 | 12 Comments

LinkedIn let off the hook in $5M class action lawsuit over data breach

No real damage was done, a judge ruled, and besides, paying for premium membership isn't a guarantee that you'll get premium security.

Ouch! So much for promises made in privacy policies.

Monday review - the hot 22 stories of the week

by Anna Brading on March 4, 2013 | Leave a comment

In case you missed anything, here's everything we wrote in the past seven days.

Evernote shoots itself in foot over "never click on 'reset password' requests" advice

by Graham Cluley on March 3, 2013 | 19 Comments

Have you taken a close look at the email that Evernote has sent out, with the subject line "Evernote Security Notice: Service-wide Password Reset"?

It looks like the hacked company has made a blunder.

Evernote hacked - almost 50 million passwords reset after security breach

by Graham Cluley on March 2, 2013 | 23 Comments

Evernote, the online note-taking service, has says that it has suffered a serious security breach which saw hackers steal usernames, associated email addresses and encrypted passwords.