breach

Hackers transform EA Web page into Apple ID phishing scheme

Using some trickery, hackers were able to breach Electronic Arts' Web site and transform one of its pages into a bogus Apple log-in screen. Once users logged on to the fake site, they were prompted to input their credit card numbers, date of birth, and other personal information.

Security firm Netcraft discovered the breach and notified EA on Tuesday. The game maker told CNET that it investigated Netcraft's claims and as of Wednesday the phishing page is gone.

"We have found it, we have isolated it, and we are making sure such attempts are no longer possible," … Read more

Comixology users must change passwords after data breach

Digital comic readers with accounts at Comixology will have to change their passwords the next time they visit the site.

In an e-mail sent Thursday to account holders, Comixology revealed that it was hit by a recent security breach. Specifically, someone hacked into a database containing usernames, e-mail addresses, and encrypted passwords. Though the passwords themselves were stored in a protected format, the site is still requiring all users to change their passwords.

Comixology users can reset their passwords through the site's change-password page.

Comixology's e-mail also stressed that payment information is not stored on its servers and … Read more

Black market lights up with 360M stolen credentials -- report

The cyber black market is busting at the seams with stolen credentials, according to a new report.

Speaking to Reuters in an interview on Wednesday, Alex Holden, chief information security officer at Hold Security, said that over a period of just three weeks his company was able to identify 360 million different account credentials that were available for sale on Web-based black market services. The credentials include user names -- which are often e-mail addresses -- and passwords that in "most cases" are in unencrypted text, according to the report.

Holden told Reuters that his company is working … Read more

Data breach at University of Maryland exposes 300K records

The sensitive personal information for more than 300,000 faculty, staff, and students at the University of Maryland were stolen in a "sophisticated" cyberattack on the school's recently bolstered security defenses, the school's president revealed late Wednesday.

The names, Social Security numbers, and birth dates of 309,079 individuals affiliated with school's College Park and Shady Grove campuses who were issued a university identification card since 1998 were exposed in Tuesday's attack, according to an apology issued Wednesday by university President Wallace Loh. However, no financial, academic, or contact information was compromised, Loh said. … Read more

Target hack strips banks and credit unions of $200M

Not only were as many as 110 million Target customers affected by the massive hack on the retailer in December, but banks have also had to deal with the security breach.

The hack is said to have cost banks and credit unions more than $200 million, according to data gathered by the Consumer Bankers Association and the Credit Union National Association. Originally, the two associations estimated that losses tallied around $178 million but now say those costs are rising.

In all, 40 million credit and debit cards were compromised in the breach. So far, banks and credit unions have replaced … Read more

Kickstarter hacked, user data stolen

Hackers hit crowd-funding site Kickstarter and made off with user information, the site said Saturday.

Though no credit card information was taken, the site said, attackers made off with usernames, e-mail addresses, mailing addresses, phone numbers, and encrypted passwords.

"Actual passwords were not revealed, however it is possible for a malicious person with enough computing power to guess and crack an encrypted password, particularly a weak or obvious one," the site said in a blog post, adding that "as a precaution, we strongly recommend that you create a new password for your Kickstarter account, and other accounts … Read more

Hackers hit Tesco as over 2,200 accounts compromised

Tesco, an international supermarket chain, has been forced to deactivate online customer accounts after hackers took aim at its systems.

The company confirmed to The Guardian on Friday that over 2,200 of its accounts were compromised. Interestingly, it's believed that the hackers didn't actually break into its systems, but instead used data collected from other hacks to see if they could get any hits. The affected accounts used the same username and password combination as those in previous hacks, allowing the hackers to break in.

Rather than snoop around, however, the hackers posted the compromised accounts online, … Read more

Target works on security-heavy credit cards, after breach

Target is still reeling from the massive security breach, which affected as many as 110 million customers. Now, as the retailer gets back on its feet, it's becoming more security focused.

Target Chief Financial Officer John Mulligan wrote an opinion piece for The Hill on Monday saying that the company was speeding up its implementation of high-security credit cards.

The credit cards come embedded with a tiny microprocessor chip, which is said to beef up security and make it more difficult for cybercriminals to access user data. Target had already begun work on the cards before the hack, but … Read more

Justice Department looking into Target data breach

The Target data breach that has affected up to 110 million people is now under scrutiny by the US Justice Department.

Speaking before the Senate Committee on the Judiciary on Wednesday, US Attorney General Eric Holder said his office is evaluating and enforcing "privacy protections and other safeguards concerning data possessed by government as well as the private sector." More specifically, Holder said that his office is trying to find the criminals who are behind the Target data breach and anyone who might be using the stolen information for gain.

"While we generally do not discuss specific … Read more

Arts and crafts chain Michaels says credit card data may've been nicked

If you plopped down the plastic at arts and crafts store Michaels recently, you might want to check your statement.

The company said Saturday that it was investigating a potential payment-card security breach, a la those that affected Target and Neiman Marcus.

"Although the investigation is ongoing, based on the information we have received and in light of the widely reported criminal efforts to penetrate the data systems of US retailers, we believe it is appropriate to notify our customers that a potential issue may have occurred," the company said in a post on its Web site Saturday. … Read more