data breach

(get it in RSS or Atom)

1,000,000 lost credit cards = £150,000 fine

p-pii-250

A UK travel company has been fined £150,000 for putting an "internal only" parking database system on the internet without securing it first.

The vulnerable system was used as a stepping stone for a crook to steal more than 1M e-commerce records.

Sony offers games as part of $15m Playstation Network breach settlement

Sony hacking suspect smashes computers to get out of prosecution

Sony has offered gamers digital goods as part of a $15m settlement in the 2011 PlayStation Network (PSN) data breach case.

Shopping site reports 3-year-old data breach

Australian shopping site reports 3-year-old data breach

Australian shopping website CatchOfTheDay has warned customers of a data breach dating back to 7 May 2011, urging anyone who has kept the same password at the site since that date to change it.

SSCC 152 - PF Chang's, TrueCrypt (still!), the Twitter worm and the cost of scammers [PODCAST]

chet-chat-logo-featured-250

Sophos security experts Chester Wisniewski and Paul Ducklin turn their attention on the week's security news.

As usual, they extract plenty of useful lessons during their insightful dissection of the latest issues...

P.F. Chang's investigates possible credit card breach

PF Changs

Restaurant chain P.F. Chang's China Bistro says it is investigating claims of a data breach which may have led to debit and credit card details being posted on an underground forum.

FitzRoy, Oleg Pliss, Spotify and TrueCrypt - 60 Sec Security [VIDEO]

2014-05-31-thumb-250

Did FitzRoy get hacked? Who is Oleg Pliss? What's up with Spotify? Where has TrueCrypt gone?

60 Second Security - 31 May 2014

'Half of American adults hacked' in the past year - really?

'Half of American adults hacked' in the past year - really?

A new study publicized this week claims that almost half of all American adults have had their personal data hacked in the past year. Headline-grabbing truth-stretching? Or have 110 million Americans really been hacked?

SSCC 149 - Apple devices ransomed, eBay breached, carders busted and more [PODCAST]

sscc-149-250

Chester Wisnieski and Paul Ducklin dig into the important security stories of the past week, and pull out some lessons we can all learn.

If you haven't listened to a "Chet Chat" before, now's the time to give it a try!

Monday review - the hot 26 stories of the week

dow-250

Get yourself up to date with everything we've written in the last seven days - it's weekly roundup time.

Breach at eBay, bugs in Chip-and-PIN, busts for Blackshades - 60 Sec Security [VIDEO]

2014-05-24-thumb-250

Will the breach at eBay beat Adobe for size? Is Chip and PIN really as safe as they say? How many countries took action busting malware crooks?

All the answers in 60 Sec Security for 24 May 2014...

SSCC 147 - Why Snapchat will have to tell you the truth about security now [PODCAST]

sscc-147-250

As usual, Chester Wisniewski and Paul Ducklin turn their insightful and entertaining gaze on the security lessons we can learn from the past few days.

Give it a listen - it's our weekly quarter-hour security podcast...

Monday review - the hot 21 stories of the week

dow-250

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.

Is Apple finally getting real about security? 60 Sec Security [VIDEO]

2014-05-10-thumb-0250

Where does the data breach buck stop? Why do they call them "secret" links? And is Apple finally getting real about security?

Find out in "60 Second Security" for 10 May 2014

Orange bitten by data breach, leaks personal data from promotional messaging server

or-250

Current reports put the size of Orange's latest data breach at 1,300,000 records.

It seems that the data wasn't stolen from one of Orange's primary databases, but from an ancillary system used for sending promotional emails and SMSes.

SSCC 146 - Target, Microsoft, Dropbox and the mysterious "Webdriver Torso" [PODCAST]

sscc-146-thumb-250

Have a listen to the latest episode of our weekly security podcast.

Sophos security experts Chester Wisniewski and Paul Ducklin look at what we can learn from the latest news.

Monday review - the hot 17 stories of the week

dow-250

Catch up with everything we've written in the last seven days - it's weekly roundup time.

Microsoft and Adobe have 0-days, AOL breached, and we win an award! 60 Sec Security [VIDEO]

2014-03-05-thumb-0250

Are two zero-days better than one? What happened to AOL's user database? And is that another award that Naked Security just won?

Find out in 60 Sec Security for 03 May 2014...

Data-drained Target hurries to adopt chip-and-PIN cards

Data-drained Target hurries to adopt chip-and-PIN cards

The US has been dragging its heels on the expensive, laborious task of swapping its payment infrastructure for the more secure chip-and-PIN security used abroad. Still smarting from recent data theft, Target's now apparently leading the way, promising the new cards in 2015.

SSCC 144 - iOS malware, fingerprint security, WhatsApp privacy, hacking the taxman [PODCAST]

sscc-144-thumb-250

How bad is the risk from iOS malware? What's the state of play in fingerprint security? Should you trust mobile apps? Is it wise to hack the taxman? What if Brian Krebs calls to warn you've been pwned?

Chet and Duck turn their wit and insight on the week's news...

Monday review - the hot 21 stories of the week

dow-250

It's weekly roundup time!

Here's all the great stuff we've written in the past seven days.