Your new post is loading...
Your new post is loading...
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
Uber sind bereits vor gut einem Jahr Daten von rund 50 Millionen Fahrgästen gestohlen worden. Der Fahrdienst-Vermittler informierte die Öffentlichkeit aber erst am Dienstag über den Vorfall.
Es gehe um Namen, E-Mail-Adressen und Telefonnummern von Nutzern rund um die Welt, erklärte Uber dem Finanzdienst Bloomberg. Außerdem hätten sich die Angreifer auch Zugriff auf Daten von etwa sieben Millionen Uber-Fahrern verschafft.
Es seien aber keine Kreditkarten-Daten oder Informationen zu Fahrten gestohlen worden, betonte die Firma.
Uber räumte nun ein, dass über die Attacke weder Behörden noch Betroffene informiert worden seien. Stattdessen seien den Hackern 100.000 Dollar (rund 85.000 Euro) bezahlt worden, damit sie die gestohlenen Daten vernichten.
„Nichts davon hätte passieren dürfen“
Uber gehe davon aus, dass die Informationen nicht verwendet worden seien, hieß es. Die Hacker seien durch eine schlecht geschützte Datenbank an die Daten gekommen. Der Uber-Sicherheitschef Joe Sullivan wurde diese Woche entlassen, wie Uber weiter mitteilte. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES https://www.scoop.it/t/securite-pc-et-internet/?&tag=Uber
|
Scooped by
Gust MEES
|
Uber concealed a hack that affected 57 million customers and drivers, the company has confirmed. The 2016 breach was hidden by the ride-sharing firm which paid hackers $100,000 (£75,000) to delete the data. The company's former chief executive Travis Kalanick knew about the breach over a year ago, according to Bloomberg, which first broke the news.
The hackers found 57 million names, email addresses and mobile phone numbers, Uber said. Within that number, 600,000 drivers had their names and license details exposed. A resource page for those affected has been set up.
Drivers have been offered free credit monitoring protection, but per Uber's statement, affected customers will not be given the same. "While we have not seen evidence of fraud or misuse tied to the incident, we are monitoring the affected accounts and have flagged them for additional fraud protection," Uber's chief executive Dara Khosrowshahi said.
Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES https://www.scoop.it/t/securite-pc-et-internet/?&tag=Uber
|
Scooped by
Gust MEES
|
(Reuters) - Microsoft Corp’s secret internal database for tracking bugs in its own software was broken into by a highly sophisticated hacking group more than four years ago, according to five former employees, in only the second known breach of such a corporate database.
The company did not disclose the extent of the attack to the public or its customers after its discovery in 2013, but the five former employees described it to Reuters in separate interviews. Microsoft declined to discuss the incident.
The database contained descriptions of critical and unfixed vulnerabilities in some of the most widely used software in the world, including the Windows operating system. Spies for governments around the globe and other hackers covet such information because it shows them how to create tools for electronic break-ins.
The Microsoft flaws were fixed likely within months of the hack, according to the former employees. Yet speaking out for the first time, these former employees as well as U.S. officials informed of the breach by Reuters said it alarmed them because the hackers could have used the data at the time to mount attacks elsewhere, spreading their reach into government and corporate networks. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
Kundendaten von Deloitte offenbar gehackt Eine der größten Unternehmens- und Buchhaltungsfirmen weltweit ist einem Bericht zufolge gehackt worden. Ein unzureichend gesicherter Admin-Account soll Zugriff auf mehrere Millionen E-Mails mit privaten Kundendaten ermöglicht haben.
Die Consulting- und Buchhaltungsberatungsfirma Deloitte ist offenbar gehackt worden. Nach Angaben des britischen Guardian ist es Angreifern gelungen, auf vertrauliche Informationen von Deloitte-Kunden zuzugreifen - wohl auch, weil das Unternehmen wichtige Accounts nicht per Zwei-Faktor-Authentifizierung abgesichert habe.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
Le cabinet d’audit Deloitte a annoncé avoir été victime d’une attaque informatique ayant visé l’un des serveurs de mails utilisés pour échanger avec ses clients. Plus de 240.000 emails d’employés auraient été potentiellement affectés par l’attaque. Dans sa communication, la société confirme le piratage annoncé par le Guardian, mais explique que le nombre de victimes est une « fraction » des chiffres avancés dans les médias. Pour l’instant, la portée réelle de l’attaque et le nombre de sociétés touchées restent donc impossibles à déterminer : Deloitte doit sûrement avoir une petite idée, vu que ses équipes enquêtent discrètement sur l’affaire depuis maintenant six mois. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
Auf den US-Finanzdienstleister Equifax ist ein Hackerangriff verübt worden, betroffen sind wohl 143 Millionen US-Bürger. In Hunderttausenden Fällen ging es um sensible Daten wie Sozialversicherungs- oder Kreditkartennummern. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
Details of 77 million students, teachers and parents are thought to have leaked on the web. Edmodo confirms hackers breached its education platform, stole user data and hashed passwords Details of 77 million students, teachers and parents are thought to be up for sale on the web. Last week there were worrying reports that hackers had broken into Edmodo, and stolen the details of some 77 million teachers, students and parents. Now the popular online education platform has emailed its users, confirming that it has suffered a security breach: Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES http://www.scoop.it/t/securite-pc-et-internet/?&tag=Edmodo+Insecurity
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
MySpace’s turn
Well, it’s happened again.
This time, the breach is said to come from MySpace, and the number of passwords claimed is an eye-popping 427 million.
Apparently, there are only 360 million users on the list, but some accounts have more than one password listed, for reasons that aren’t explained.
Once again, the passwords allegedly exposed in this breach were simple, unsalted SHA-1 hashes, vulnerable to just the same sort of high-speed try ’em all attack as in the LinkedIn breach of 2012.
According to Leaked Source, lots of passwords have already been cracked, with the top 50 choices so far accounting for more than 6 million passwords, or 1.5% of the total. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
WASHINGTON (AP) — Hackers stole personnel data and Social Security numbers for every federal employee, a government worker union said Thursday, asserting that the cyber theft of U.S. employee information was more damaging than the Obama administration has acknowledged.
Sen. Harry Reid, the Democratic leader, said on the Senate floor that the December hack into Office of Personnel Management data was carried out by "the Chinese" without specifying whether he meant the Chinese government or individuals. Reid is one of eight lawmakers briefed on the most secret intelligence information. U.S. officials have declined to publicly blame China, which has denied involvement.
J. David Cox, president of the American Federation of Government Employees, said in a letter to OPM director Katherine Archuleta that based on the incomplete information the union received from OPM, "We believe that the Central Personnel Data File was the targeted database, and that the hackers are now in possession of all personnel data for every federal employee, every federal retiree, and up to one million former federal employees.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Cyberattack
|
Scooped by
Gust MEES
|
Die spektakuläre Cyberattacke auf die Computersysteme der amerikanischen Steuerbehörde IRS war gravierender als bisher angenommen: Zwischen Februar und Mai 2015 gelangten die Angreifer nicht nur an die Daten von an die hunderttausend Steuerzahlern, sondern stahlen dabei Millionen Dollar.
Bei einer Anhörung des Senatsausschusses für Finanzen erklärte IRS-Chef John Koskinen, die Hacker hätten sich illegalen Zugriff auf das System für Steuerrückzahlungen verschafft. Sie hätten so erhebliche Summen abzweigen können, insgesamt belaufe sich der Schaden auf 39 Millionen Dollar. Laut "USA Today" konnte Koskinen weitere Attacken nicht ausschließen.
|
|
Scooped by
Gust MEES
|
Bloomberg reports on what seems to be a security scandal at Uber.
The ride-sharing firm concealed the theft of personal information related to 57 million customers and drivers, and rather than inform the concerned parties "paid hackers $100,000 to delete the data and keep the breach quiet."
The hack which Uber says is said to have happened in October 2016, and included the names, email addresses and phone numbers of 50 million Uber customers across the globe.
Bloomberg has the skinny on how the hack occurred, and it doesn't portray Uber in a good light, being the latest example of careless developers leaving internal login passwords lying around online:
Here’s how the hack went down: Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information. Later, they emailed Uber asking for money, according to the company.
Joe Sullivan, Uber's chief security officer (and at one time the main security honcho at Facebook), spearheaded the company's response to the breach alongside one other employee. Both are said to have left their positions at Uber this week. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES https://www.scoop.it/t/securite-pc-et-internet/?&tag=Uber
|
Scooped by
Gust MEES
|
Uber concealed a massive data breach for more than a year, according to a report by Bloomberg.
Hackers stole names, email addresses, and phone numbers of 57 million Uber riders around the world in a breach dating back to October 2016. Data on more than 7 million drivers was also stolen, including over 600,000 drivers' license records.
Trip records, location data, and social security numbers were not stolen in the breach, the company said.
But instead of alerting users of the breach, the company paid the hackers $100,000 to delete the data and to keep details of the breach quiet.
The company confirmed the breach, in a lengthy statement posted on Tuesday.
"As Uber's CEO, it's my job to set our course for the future, which begins with building a company that every Uber employee, partner and customer can be proud of," said Dara Khosrowshahi. "For that to happen, we have to be honest and transparent as we work to repair our past mistakes."
According to Bloomberg, two hackers broke into a private GitHub repo used by Uber software engineers, and were able to gain access to an Amazon Web Services account that handled and controlled tasks by the ride-sharing service. The hackers found a trove of rider and driver data, downloaded it, and reportedly emailed the company demanding money.
Uber has said, however, that individual riders do not need to take "any action," following the announcement. Learn more / En savoir plus / Mehr erfahren: https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES https://www.scoop.it/t/securite-pc-et-internet/?&tag=Uber
|
Scooped by
Gust MEES
|
The Wild Neutron hacking group gained access to an internal database Microsoft uses to track software vulnerabilities. David Bisson reports. On 17 October 2017, five former employees revealed that at the time of the breach Microsoft raised a number of internal alarms signaling that hackers had compromised the database it uses to track patches. The attack has been blamed on Wild Neutron, a sophisticating hacking group which has targeted Apple, Facebook, and a number of other multi-billion dollar companies. Even so, the former Microsoft workers said the database was poorly protected by just a single password. Concerned that the hacking group had stolen details on some of its open vulnerabilities for Windows and other software, Microsoft decided to look at other industry breaches and investigate the timing of those event with respect to when the flaws entered its database. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
The largest hack in history just got three times worse for Yahoo. "Following an investigation with the assistance of outside forensic experts, [we believe] that all Yahoo user accounts were affected by the August 2013 theft," Suzanne Philion, an Oath spokeswoman, said in a statement Tuesday. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
Deloitte, one of the world's biggest accounting, auditing, and corporate finance consulting firms, has suffered a data breach. Third hack at a financial institution this monthThe company is one of the so-called "Big Four" accounting firms, together with Ernst & Young, KPMG, and PricewaterhouseCoopers. The Big Four provide accounting and other financial services to almost all major businesses across the globe. The Deloitte hack is the third security breach at a major financial agency this month alone, after similar incidents at Equifax and the US Securities and Exchange Commission (SEC).
|
Scooped by
Gust MEES
|
Kreditkarten-, Sozialversicherungs- und Ausweisnummern von mehreren Hundert Millionen US-Amerikanern sind in falsche Hände gelangt, als Equifax monatelang gehackt war. Dazu kommen weitere Opfer in Kanada und dem Vereinigten Königreich. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
Equifax, one of the largest credit rating and reporting firm in the US, has become the latest company to reveal a data breach.
The incident was discovered on July 29, according to a company statement released after market close on Thursday.
The Atlanta, Georgia-headquartered company said that hackers had between mid-May through July exploited a vulnerability on its website to access certain files.
The data includes names, social security numbers, birth dates, home addresses, and in some cases, driving license information.
It's thought to be the largest data breach reported so far this year.
As many as 143 million Americans are said to be affected, the company said, representing about half of the US population. Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
|
Scooped by
Gust MEES
|
The account details of millions of subscribers to the education platform Edmodo have not only been stolen but witnessed to be for sale on the dark web, according to a post on Motherboard. The platform is used by more than 78 million teachers, students and parents to compose lesson plans, make homework assignments and other tasks. Breach notification website LeakBase provided Motherboard with a sample of more than two million records, which included usernames, email addresses and hashed passwords. The good news is that the passwords apparently are hashed with the stealthy bcrypt algorithm, and a string of random characters known as a salt, which likely will make it more difficult for hackers to obtain users' login credentials. And, when staffers at Motherboard attempted to open Edmodo accounts using some of the purloined data, they were unsuccessful as the address was already linked to an Edmodo account, the report explained.
The bad news is that at least a portion of the database is up for sale on the dark web marketplace Hansa for $1,000. The seller, going under the name nclay, said s/he was in possession of 77 million accounts. LeakBase reported that 40 million of those come with an email address.
Learn more / En savoir plus / Mehr erfahren: http://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES http://www.scoop.it/t/securite-pc-et-internet/?&tag=Edmodo+Insecurity
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
|
Scooped by
Gust MEES
|
Hackers linked to China appear to have stolen security-clearance records with sensitive data about millions of American military and intelligence personnel.
What’s particularly stunning about this development is how quickly it grew into something so severe. Last week, officials estimated that the personal data of 4 million current and former federal employees had been compromised. Then that figure ballooned to as many as 14 million.
Learn more:
- http://www.scoop.it/t/securite-pc-et-internet/?tag=Cyberattack
|
Scooped by
Gust MEES
|
The agency tasked with recruiting workers for the US government has fessed up to allowing the personal details of 4 million people to be stolen by hackers.
The US Office of Personnel Management (OPM) has sent out an alert to current and former government employees warning of the data breach.
"Beginning June 8 and continuing through June 19, OPM will be sending notifications to approximately 4 million individuals whose Personally Identifiable Information was potentially compromised in this incident," the OPM said.
The OPM alert does not disclose just what information was lost but said that it would provide credit monitoring and identity monitoring to all those who had their information swiped.
|
Learn more / En savoir plus / Mehr erfahren:
https://www.scoop.it/t/securite-pc-et-internet/?&tag=DATA-BREACHES
https://www.scoop.it/t/securite-pc-et-internet/?&tag=RANSOMWARE