recentpopularlog in


« earlier   
Cyber Hotel Business Hack | 1Password
Random but Memorable is back with an episode full of a new Watchtower Weekly, customer questions, and even a chat with Charles Arthur, author of Cyber Wars: Hacks that Shocked the Business World.
Watchtower Weekly talked briefly about the Marriott breach, which potentially impacts nearly 500 million Marriott and Starwood customers. Data exposure can always leave you vulnerable, so it’s a good idea to take Marriott up on their offer for a free year of WebWatcher to monitor your information. They also brought up a rather embarrassing incident for Tesla in which a disgruntled customer complaining to their customer support forum got more than he bargained for. Instead of just an answer, a support agent ended up giving him administrative permissions for the entire forum! That’s right, he was granted full access to the entire forum. There’s going above and beyond to help your users and then there’s giving them the ability to not only edit and delete any post but also gave him access to full profile information for every single user. Including Elon Musk.
1password  podcast  security  privacy  business  hack  data  breach 
yesterday by rgl7194
Breach of Spyware Company mSpy Exposes iCloud Account Information for Millions - SecureMac
Apple users should consider changing their iCloud passwords after a recent breach reportedly exposed the account information of millions of people. The breach involved a company called mSpy, a spyware-as-a-service business. mSpy sells mobile and computer software that allows users to spy on their friends or family members. The software is also marketed to allow parents to see what their children are doing on their devices. However, this type of software is technically illegal and mSpy has a shady reputation.
At the end of August, security researchers Brian Krebs and Nitish Shah discovered that mSpy had posted a database containing millions of iCloud usernames and authentication tokens. Shah discovered the database first and tried to notify mSpy of the issue but was blocked by the company for requesting an audience with their chief technology officer. Krebs later got in touch with mSpy’s CTO and the database was taken down.
data  breach  icloud  security  privacy  krebs  passwords 
4 days ago by rgl7194
New Report: Unknown Data Scraper Breach - HackenProof Blog
The MongoDB hosted database has survived another databreach. Hacken specialist describes the case for companies to avoid web scraping in future.
7 days ago by zchi
Exclusive: Emails of top NRCC officials stolen in major 2018 hack - POLITICO
"Email accounts were surveilled for months..." "Republican leaders were not informed until [this week]"
politics  security  hacking  breach  US  email 
9 days ago by corrickwales
Introducing Firefox Monitor, Helping People Take Control After a Data Breach - The Mozilla Blog
Firefox Monitor is a free service that notifies people when they’ve been part of a data breach
mozilla  firefox  security  data  breach  privacy  tool 
9 days ago by aeng
What the Marriott Breach Says About Security — Krebs on Security
We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause is usually a failure to adopt the most important principle in cybersecurity defense that applies to both corporations and consumers: Assume you are compromised.
For companies, this principle means accepting the notion that it is no longer possible to keep the bad guys out of your networks entirely. This doesn’t mean abandoning all tenets of traditional defense, such as quickly applying software patches and using technologies to block or at least detect malware infections.
It means accepting that despite how many resources you expend trying to keep malware and miscreants out, all of this can be undone in a flash when users click on malicious links or fall for phishing attacks. Or a previously unknown security flaw gets exploited before it can be patched. Or any one of a myriad other ways attackers can win just by being right once, when defenders need to be right 100 percent of the time.
security  privacy  data  breach  marriott  hack  krebs 
10 days ago by rgl7194
Marriott Hacking Exposes Data of Up to 500 Million Guests - The New York Times
The hotel chain asked guests checking in for a treasure trove of personal information: credit cards, addresses and sometimes passport numbers. On Friday, consumers learned the risk. Marriott International revealed that hackers had breached its Starwood reservation system and had stolen the personal data of up to 500 million guests.
The assault started as far back as 2014, and was one of the largest known thefts of personal records, second only to a 2013 breach of Yahoo that affected three billion user accounts and larger than a 2017 episode involving the credit bureau Equifax.
The intrusion was a reminder that after years of headline-grabbing attacks, the computer networks of big companies are still vulnerable.
security  privacy  data  breach  marriott  hack  nytimes 
10 days ago by rgl7194
Daring Fireball: Marriott Hacking Exposes Data of Up to 500 Million Guests
Amie Tsang and Adam Satariano, reporting for The New York Times...
Just awful, particularly the part about passport numbers, dates of birth, and the possibility of credit card numbers being exposed. I’m almost certainly included in this breach — I’m a longtime SPG rewards member, and definitely stayed at a few Starwoods hotels since 2014.
security  privacy  data  breach  marriott  hack  daring_fireball 
10 days ago by rgl7194
Marriott breach impacts 500 million customers: here's what to do about it - Malwarebytes Labs | Malwarebytes Labs
Today Marriott disclosed a large-scale data breach impacting up to 500 million customers who have stayed at a Starwood-branded hotel within the last four years. While details of the breach are still sparse, Marriott stated that there was unauthorized access to a database tied to customer reservations stretching from 2014 to September 10, 2018.
For a majority of impacted customers (approximately 327 million), the breached data includes some combination of name, mailing address, phone number, email address, passport number, Starwood Preferred Guest account information, date of birth, gender, arrival and departure information, reservation date, and communication preferences. For some of those guests, their credit card numbers and expiration dates were exposed, however, they were encrypted using the Advanced Encryption Standard (AES-128).
You can read more on impact to customers in Marriott’s statement here.
security  privacy  data  breach  marriott  hack 
10 days ago by rgl7194
Marriott breach leaves 500 million exposed with passport, card numbers stolen | Ars Technica
Motivations of hackers are unclear, but proprietary Wi-Fi may have been a target.
On Friday, Marriott International announced a system breach that has affected approximately 500 million customers, with stolen information including names, credit card numbers, mailing addresses, email addresses, and passport numbers. The breach is one of the largest in history, after recent Yahoo breaches that compromised the accounts of nearly three billion customers.
The breach appears to have originated at Starwood hotels in 2014—two years before Marriott acquired the hotel chain, according to The Washington Post. "When Marriott acquired Starwood in 2016, the existing breach went undetected during the merger and for years afterward," the Post noted.
security  privacy  data  breach  marriott  hack 
10 days ago by rgl7194
Marriott: Data on 500 Million Guests Stolen in 4-Year Breach — Krebs on Security
Hospitality giant Marriott today disclosed a massive data breach exposing the personal and financial information on as many as a half billion customers who made reservations at any of its Starwood properties over the past four years.
Marriott said the breach involved unauthorized access to a database containing guest information tied to reservations made at Starwood properties on or before Sept. 10, 2018, and that its ongoing investigation suggests the perpetrators had been inside the company’s networks since 2014.
Marriott said the intruders encrypted information from the hacked database (likely to avoid detection by any data-loss prevention tools when removing the stolen information from the company’s network), and that its efforts to decrypt that data set was not yet complete. But so far the hotel network believes that the encrypted data cache includes information on up to approximately 500 million guests who made a reservation at a Starwood property.
security  privacy  data  breach  marriott  hack  krebs 
10 days ago by rgl7194
Marriott Data Breach Affects 500 Million Starwood Guests
Marriott announced today that there has been unauthorized access to the Starwood guest reservation database since 2014. It is not known how the system was hacked, but up to 500 million guests may be compromised.
The incident concerns only the Starwood reservations data because Marriott hotels have a separate system running on a different network. It affects anyone with a reservation at a Starwood property on or before September 10.
security  privacy  data  breach  marriott  hack 
10 days ago by rgl7194
500 Million Marriott Guest Records Stolen in Starwood Data Breach
The world's biggest hotel chain Marriott International today disclosed that unknown hackers compromised guest reservation database its subsidiary Starwood hotels and walked away with personal details of about 500 million guests.
Starwood Hotels and Resorts Worldwide was acquired by Marriott International for $13 billion in 2016. The brand includes St. Regis, Sheraton Hotels & Resorts, W Hotels, Westin Hotels & Resorts, Aloft Hotels, Tribute Portfolio, Element Hotels, Le Méridien Hotels & Resorts, The Luxury Collection, Four Points by Sheraton and Design Hotels.
security  privacy  data  breach  marriott  hack 
10 days ago by rgl7194

Copy this bookmark:

to read