Data Breaches - W/E - 12/6/19

Data Breach Hits Church's Chicken Restaurants (11/26/2019)
Church's Chicken confirmed a data breach occurred after its payment processing systems were compromised. Approximately 160 locations have been impacted in 11 states. According to a statement, no franchised locations and not all restaurants were affected. Only company-operated restaurants have been impacted.

Leaking Server Exposes Data on 1.2 Billion People (11/26/2019)
Researchers Bob Diachenko and Vinny Troia at DataViper discovered an exposed Elasticsearch server with 4 TB of data containing four billion user accounts. A total count of unique people across all data sets reached more than 1.2 billion people and contained names, email addresses, phone numbers, LinkedIn, and Facebook profile information. The researchers say that the data sets appear to originate from two different data enrichment companies: People Data Labs and OxyData.io. The exposed server did not contain any sort of password or authentication for protection.

Massive Data, SMS Leak Compromises Millions of Accounts, Credentials (12/03/2019)
Researchers at vpnMentor discovered a breached database belonging to the American communications company TrueDialog. Millions of account usernames, private text messages, passwords, and other information were exposed via the unsecured 604 GB database. The breach was found on November 26, and the database has since been secured. However, TrueDialog works with over 990 cell phone operators and reaches more than five billion subscribers around the world, so it's not yet known how many people have been compromised. The database contained entries that were related to many aspects of TrueDialog's business model. The company itself was exposed, along with its client base, and the customers of those clients. vpnMentor said in a blog post regarding the TrueDialog breach, "The company uses an Elasticsearch database, which is ordinarily not designed for URL use. However, we were able to access it via browser and manipulate the URL search criteria into exposing the database schemata."

On the Border Reports Data Compromise (11/27/2019)
On The Border is actively investigating a security incident that involves a payment processing system that services some of the company's restaurants. The incident was discovered on November 14 but had occurred between April 10 and August 10, and not all locations are impacted. The company stated that malware installed on the payment processing system was to blame for this breach and that names, credit card numbers, credit card expiration dates, and credit card verification codes could have been compromised.

Smith & Wesson's Online Site Compromised in Magecart Payment Card Attack (12/03/2019)
Gun manufacturer Smith & Wesson had its online store injected with a malicious script to steal customer payment card data. The attack is the work of Magecart, a collective made up of several groups of cybercriminals. The thieves registered malicious domains by impersonating Sanguine Security and then used the name of Sanguine's Willem de Groot as the domain contact for the skimmers. While studying the sites compromised by the fake Sanguine skimmers, de Groot uncovered the breached Smith & Wesson site. The skimmer was injected into the gun maker's site on November 27 and removed by December 3.

T-Mobile Suffers Data Breach that Impacts Over One Million Customers (11/25/2019)
T-Mobile confirmed over the weekend that it suffered a data breach that allowed malicious parties to obtain personal data from over one million of its subscribers. According to the carrier's Customer Security Disclosure, the breached data included names, billing addresses, phone numbers, account numbers, and the type of active subscription on the affected accounts. While the aforementioned disclosure was legally required due to customers' rate plans falling under "customer proprietary network information," the company provided little else in the way of details on the hack. When queried for further information by TechCrunch, a T-Mobile representative revealed that the breach occurred some time in early November, and that it was shut down immediately after discovery. As TechCrunch notes, the data that was stolen is not, in and of itself, particularly dangerous. However, it could be exploited by criminals to steal additional aspects of the victims' identity via other means. T-Mobile claims it has already contacted all customers impacted by the breach.