A hacker has stolen the personal details of 7.6 million users of the browser-based game “Town of Salem,” BlankMediaGames (BMG) has admitted in a blog post. The hack came to light after a mysterious person sent a copy of the stolen data to DeHashed, a commercial data breach indexing service.
DeHashed says it spent the entire Christmas and New Year holiday trying to contact BMG and alert the game maker to the hack and its still-compromised server. The hacked servers were finally secured and “multiple backdoors removed” this week. The compromised information appears to include usernames, email addresses, encrypted passwords, IP addresses and more.
Read more about the Town of Salem data breach on ZDNet.
The first data breach of 2019 was reported less than 24 hours into the New Year. The details of an estimated 30,000 Australian civil servants were stolen when a directory was downloaded by an unauthorised third party – believed to have phished the email address of a government employee in the state of Victoria.
The Victoria Premier’s Department said it had referred the breach to police, the Australian Cyber Security Centre and the Office of the Victorian Information Commissioner, Australia’s ABC network reported.
Read more about the first data breach of 2019 on CBR.
Data thieves stole the personal information of nearly 5 million people from an unconfirmed number of Chinese online ticket reservation platforms, according to Beijing police, who arrested a suspect in the case.
According to media reports, China Railway’s (CR) official online booking platform 12306 suffered a massive data breach, with information later being sold on the dark web. Compromised data reportedly included names, ID numbers, and passwords. CR later denied the claims in a Weibo post, saying no users’ information was hacked. However, it warned passengers to avoid booking their tickets on unauthorized third-party platforms.
Read more about the alleged China Railway data breach on TechNode.
Saying it was “welcoming 2019 with open arms and a big announcement,” the Dark Overlord hacker group Monday threatened via a Pastebin post to release files it said were nicked from a law firm – believed to have advised insurer Hiscox Syndicates Ltd. – that handled September 11-related cases.
Information pilfered includes “emails, retainer agreements, non-disclosure agreements, settlements, litigation strategies, liability analysis, defence formations, collection of expert witness testimonies, testimonies, communications with government officials in countries all over the world, voice mails, dealings with the FBI, USDOJ, DOD, and more, confidential communications, and so much more,” the group wrote.
American alcohol retailer BevMo has suffered a breach that leaked credit card data, including security codes, belonging to 15,000 customers. A privately-held corporation based in Concord, California, BevMo sells mostly alcoholic beverages. As of 2013, the company operates 148 stores.
The California attorney general’s office received a notice from BevMo this week that someone planted malware on its checkout page, the Associated Press reports. The code was designed to steal customers’ names, credit and debit card numbers, expiration dates, CVV codes, billing addresses, shipping addresses and phone numbers.
US coffee store chain Caribou Coffee announced a security breach today after it discovered unauthorized access to its point-of-sale (POS) systems. The company listed 239 stores of its total 603 locations as impacted, which roughly amounts to 40 percent of all its sites.
All customers who used a credit or debit card at one of the affected stores between August 28, 2018, and December 3, 2018, should consider their card details compromised and take precautions such as asking for a card replacement, reviewing credit card reports, and enrolling in identity protection programs. Users can consult the list of impacted stores via the company’s data breach notice, posted on its homepage.
Read more about the Caribou Coffee data breach on ZDNet.
Cyber-criminals could sell someone’s complete digital life – including social media accounts, banking details, app data, gaming accounts and even remote access to servers or desktops – for less than $50 on the dark web, according to a new study from Kaspersky Lab.
The research is based on an investigation of dark web markets, revealing that the price paid for a single breached account is even lower – at about $1 each. Many criminals sell accounts in bulk and some even offer a “lifetime warranty,” so if an account a buyer has purchased stops working, they receive a new one for free. Although the resale value of stolen data is low, cyber-criminals can still use it in many ways, from stealing money to committing crimes under the guise of someone else’s identity.
Like many other businesses, semiconductor manufacturer Micron Technology employs a range of physical, electronic, and policy measures to protect its trade secrets. Yet all it took for the company to allegedly lose intellectual property worth at least $400 million to a Chinese competitor was two employees with legitimate access to the data.
A federal indictment unsealed this week in the US District Court for the Northern District of California described Micron as the victim of economic espionage involving a Taiwanese semiconductor company, a state-owned company in China, and three individuals who previously worked for Micron.
Read more about how Micron fell victim to espionage on DarkReading.
An extremely high number of keylogger phishing campaigns have been seen tied to the Zoho online office suite software; in an analysis, a full 40 percent spotted in the last month used a zoho.com or zoho.eu email address to exfiltrate data from victim machines.
A Cofense analysis of popular keylogging malware – which records user inputs in real time to find passwords and other information – found that cybercriminals are abusing Zoho in two ways. One is by creating bogus, free accounts and using these to receive emails from their malware containing the stolen data from the keylogger. The other, in some cases, is by using stolen accounts to facilitate this same data exfiltration.
Read more about the findings of the Cofense analysis on Threatpost.
Multiple apps developed by Trend Micro are no longer available in the Mac App Store after researchers showed they were collecting browser history and information about users’ computers. Apple recently removed Adware Doctor, a top security app, from its store, on the exact same grounds.
The apps are Dr. Antivirus, Dr. Cleaner, and Dr. Unarchiver, all under the developer account Trend Micro, Incorporated. Until removal, all products were top-sellers. Trend Micro denies that its apps were stealing user data. The company confirmed that some of its apps collected browser snapshots, but the behavior was disclosed in the EULAs of each product.