breach

Last.fm warns users of password leak

Last.fm today urged its users to change their passwords because of a compromise that may be related to a huge password leak involving LinkedIn and eHarmony.

"We are currently investigating the leak of some Last.fm user passwords. This follows recent password leaks on other sites, as well as information posted online," a Last.fm blog post said. "As a precautionary measure, we're asking all our users to change their passwords immediately."

The blog post did not say how many users were affected or how the passwords were leaked. A Last.fm executive did … Read more

The 404 1,068: Where it's a small world (podcast)

The time has come for every Internet denizen to take a stand against the worst atrocity (and probably the biggest problem) on the Web: vertical videos. Big thanks to the puppets in this PSA spreading the word about Vertical Video Syndrome.

You can blame Flip video cameras, the ubiquity of videos shot with an iPhone, or just the tech-ignorance masses, but it has to stop. With the help of Ariel, Richard, and Joseph on today's episode, we all hope to put an end to the vertical video travesty.… Read more

Anonymous attacks Justice Dept., nabbing 1.7GB of data

In a hack it dubbed "Monday Mail Mayhem," Anonymous claims to have collected and released 1.7GB of data from the U.S. Department of Justice yesterday.

"Within the booty you may find lots of shiny things such as internal emails, and the entire database dump," the hacker group wrote on the AnonNews Web site. "We Lulzed as they took the website down after being owned, clearly showing they were scared of what inevitably happened."

The group did not specifically say why it initiated the attack. Instead, it cryptically announced that, "We are … Read more

GlobalSign breach stemmed from unpatched server

GlobalSign was left red-faced last year after one of its Web servers was hacked. It turns out the incident was due to a piece of open-source software not being updated, a senior GlobalSign executive told sister site ZDNet UK.

The company ceased issuing certificates, and shut down its operations. GlobalSign said it keeps SSL-certificate issuing infrastructure "separate" from its Web site -- a common practice -- and reiterated that its operations was secure.

GlobalSign's own Web site, the site's certificate, and some other public-facing documents were compromised during the hack, but no other servers were breached.… Read more

PlayStation Network going down this morning -- for maintenance

Sony says its PlayStation Network will be down today, but those who suffered through last year's security breach should know it's only maintenance this time around.

Sony senior manager for the PlayStation Digital Platforms, Matthew Harper, announced on his company's blog yesterday that the gaming and digital media network will be taken down at 6 a.m. PT today and will stay offline for about 13 hours, or until 7 p.m. PT. During that period, the PlayStation Store, PlayStation Home, and online gaming will not be available.

Sony's timing on the outage is somewhat curious. … Read more

1.5 million card numbers stolen

Links from Monday's episode of Loaded:

1.5M card numbers compromised Comcast, Time Warner don't allow access to HBO Go on Xbox and Roku Free Photoshop CS6 preview Angry Birds cartoon series Developer defends Girls Around Me app Subscribe: iTunes (MP3) | iTunes (320x180) | iTunes (HD) | RSS (MP3) | RSS (320x180) | RSS HD

Hey Global Payments, where's the apology?

I hope Global Payments doesn't strain itself patting its own back for containing a massive breach that occurred on its watch.

The company, which processes credit, debit, and gift card transactions between merchants, banks, and consumers, let a staggering 1.5 million credit card numbers get out in the open as a result of a still-to-be determined attack on its system. Yet it has barely shown any signs of contrition.

Most companies would have shown a bit of remorse for what has happened, but Global Payments has struck an almost self-congratulatory tone for how it identified the problem, alerted … Read more

Global Payments calls data breach 'contained'

Global Payments, a third-party payments processor at the center of a Visa and MasterCard security breach, reiterated Monday morning that while customer data may be at risk, the data breach has been "contained to the best of our ability."

Overall, 1.5 million accounts may have been affected.

Global Payments CEO Paul Garcia said that the "diligent work" may take some time, but it will complete the ongoing investigation and identify any changes that need to be implemented.

Garcia said the company will get its record of compliance back with Visa and MasterCard "as soon … Read more

Up to 1.5M credit card numbers stolen from Global Payments

As many as 1.5 million Visa and MasterCard accounts may have been compromised by the recent Global Payments security breach, the payment processor announced this evening.

Credit card numbers may have been exported, but no customer names, addresses, or Social Security numbers were accessed, the company said in a statement. The company believes the breach, which was revealed Friday, was confined to North America.

The nature of the breach, which was originally pegged at 50,000 accounts, has not been revealed. The company also did not say whether it knew of any fraudulent charges resulting from the breach on … Read more

Cost of Global Payments hack likely manageable

Global Payments, the processor blamed for a Visa and MasterCard data breach last week, is likely to be able to manage its financial hit related to beefing up security.

Last week, Visa and MasterCard warned banks about a data breach. In addition, Global Payments issued a statement confirming the data breach. Global Payments said the company's security systems picked up the threat in March and contacted law enforcements. The company will hold a conference call Monday at 8 a.m. EDT.

It's unclear how many accounts were compromised, but 10 million is the largest reported number thus far. … Read more