After hack, Target offers year of free credit monitoring

Tens of thousands of people likely received a conciliatory e-mail from Target on Wednesday. In an effort to temper the repercussions of its massive data breach, the big-box retailer offered to give affected customers one year of free credit monitoring from Experian -- valued at $191.

The security breach, which yielded the personal information of as many as 110 million customers, was first identified on December 15. Apparently, cybercriminals accessed customers' private information at point-of-sale terminals during check-out.

Target said the breach occurred between November 27 and December 15 and resulted in the theft of names, mailing addresses, phone numbers, … Read more

Syrian Electronic Army hacks into Xbox Twitter accounts too

While it's been known for a couple of days that the Syrian Electronic Army hacked into the Microsoft News Twitter account, it's been revealed that the hackers also got into the Twitter accounts of Xbox and Xbox Support, along with Xbox's Instagram account, according to GameSpot.

The political hacking group that supports Syrian President Bashar Assad posted screengrabs of its exploits on its own Twitter account. The hack consisted of the Syrian Electronic Army writing messages on Xbox's accounts that read, "Syrian Electronic Army Was Here" and "Game On!" The group also … Read more

Target confirms malware used on point-of-sale terminals

Hackers infected Target's point-of-sale terminals with malware to steal the payment card information from millions of customers, the retailer's chief executive has confirmed.

The security breach, which yielded the personal information of as many as 110 million customers, was first identified on December 15, four days before the breach was publicly revealed, CEO Gregg Steinhafel told CNBC during an interview. Target revealed Friday that the security breach it suffered between November 27 and December 15 was larger than originally believed, yielding the names, mailing addresses, phone numbers, and e-mail addresses for near three times its original estimate of … Read more

More retailers reportedly victims of holiday data breaches

The scope of credit card data breaches suffered by US retailers during the holiday shopping season may be larger than previously thought.

Following disclosures by Target and Neiman Marcus, Reuters reports that at least three more well-known retailers experienced smaller breaches that have yet to be publicly revealed. The additional attacks used similar techniques as the attack on Target, sources told the news agency, adding that other attacks may have occurred earlier last year.

The Reuters report did not identify which retailers may have been affected by the security breaches.

Target revealed on Friday that a payment card data breach … Read more

Microsoft's Twitter account: Don't use our e-mail

Sometimes, irony adorns Twitter like the sugar on a doughnut.

On Saturday morning, however, the Microsoft News Twitter account offered a curious instruction. It read: "Don't use Microsoft emails(hotmail,outlook),They are monitoring your accounts and selling the data to the governments. #SEA @Official_SEA16."

The accusation might be referred to as a Reverse Scroogling. Or, perhaps, a Microsofting.

As to the perpetrators, the "SEA" hashtag points to the Syrian Electronic Army, a hacking group sympathetic to President Bashar Assad.

The SEA has operated for some time now, hacking its way into places such as … Read more

Credit card hackers hit Neiman Marcus

Credit card hackers might be developing a taste for the finer things in life.

Upscale department store Neiman Marcus confirmed that its database of customer information was hacked last month, independent security researcher Brian Krebs reported on Friday.

The Neiman Marcus hack follows news today from Target that its investigation into its recent hack found that thieves made off with the personal and credit card data of up to 110 million Target customers, 70 million more than previously thought.

The Neiman Marcus breach occurred around mid-December, the same time as the Target attack. Another similarity to the Target attack is … Read more

Leahy's perennial data privacy bill gets another shot

Maybe the fourth time will be the charm for Sen. Patrick Leahy's data privacy protections standards.

Leahy (D-Vt.) reintroduced his data privacy protection bill to Congress on Wednesday, for the fourth time since 2005. The Personal Data Privacy and Security Act would create a national standard for how businesses would have to notify customers of data breaches, and mandate customer data protection standards for businesses that collect sensitive personal information.

It would also update the Computer Fraud and Abuse Act so that attempted computer hacking and conspiracy to commit computer hacking would be punishable by the same criminal penalties … Read more

Nevermind the hack: Snapchat hires lobbyists

Following the high-profile database hack that revealed the partially redacted personal data of its users, Snapchat has hired a political lobbying firm.

Snapchat has hired Heather Podesta and Partners, a Washington, D.C., lobbying firm, to promote policies favorable to the company on Capitol Hill, according to disclosure forms filed January 1. It is the first lobbying firm that Snapchat has hired.

Lobbyists from the firm working for Snapchat include Heather Podesta, an experienced lobbyist and former Hill staffer; former Judiciary Committee lawyer and US attorney Eric Rosen; and Benjamin Klein, also a former Hill staff member.

Podesta's firm … Read more

Overexposed: Snapchat user info from 4.6M accounts

Heads up, Snapchat users: someone has allegedly compromised 4.6 million accounts, potentially exposing your usernames and phone numbers.

The Snapchat account information apparently had been posted to a site called SnapchatDB.info by an individual or group determined to prod the 2-year-old photo-sharing service, which has more than 8 million adult users in the US alone, into shoring up its security. Sometime after the hack was first revealed overnight, the SnapchatDB site went offline, perhaps because of all the attention it attracted: "This account has been suspended," reads the brief note at the Web site. "Either … Read more

Hacker tried to sell access to BBC server -- report

A Russian hacker wasn't exactly in the Christmas spirit when he reportedly tried to sell access to a BBC server on December 25.

Apparently first spotted by cybersecurity firm Hold Security, the recent attack hit a BBC FTP server and was conducted by a "notorious Russian hacker" known as "Hash" and "Rev0lver," Reuters reported on Sunday. No evidence has turned up indicating that the hacker stole any actual information.

But "Hash" attempted to make a Christmas Day profit out of his exploits, according to Hold Security founder Alex Holden. The hacker … Read more