breaches

Adobe has temporarily closed one of its user forums after a hacker caused a data breach.

The forum, Connectusers.com, allows Adobe customers to share information and opinions about its Connect online conferencing service, which is used to host Web conferences, e-learning, and webinars.

However, after a hacker hailing from Egypt posted a purported file dump containing user details from the site on Pastebin, Adobe pre-emptively took down the forum and said it will reset the passwords of affected site members.

The file dump, posted by the alleged hacker using the alias ViruS_HimA, apparently contains over 150,000 e-mail addresses … Read more

A California district judge has dismissed a handful of charges that plaintiffs brought against Sony, including negligence, restitution, and unjust enrichment in its handling of a PlayStation Network data breach last year.

Several lawsuits were filed against Sony PlayStation Network in the wake of a major security breach of the personal data of more than 75 million customers in April 2011.

On Friday, Judge Anthony Battaglia of the U.S. District Court in Southern California ruled that one of those class action suits is invalid, according to Courthouse News.

When the attack happened in 2011, more than 75 million customer … Read more

Hackers have accessed the confidential information of nearly 300,000 students, employees, and faculty in a massive security breach at a Florida college, officials said today.

The breach was first thought to have been isolated to employees at Northwest Florida State College but may involve student records from across the state, education officials said. More than 200,000 records were stolen in the breach, including the names, birth dates, and Social Security numbers of any student who was eligible for Florida's Bright Futures scholarships from 2005 to 2007.

"We speculate this was a professional, coordinated attack by one … Read more

A group of hackers claims to have stolen thousands of personal records by breaching the servers of more than 50 universities around the world, including Harvard, Stanford, Cornell, and Princeton.

A group calling itself GhostShell posted to text-sharing site Pastebin more than 120,000 records from the breached servers, including thousands of names, usernames, passwords, addresses, and phone numbers of students and faculty. While most hacker activity is motivated by a desire to steal identities or pranksterism, GhostShell said the goal of its data dump was to focus public attention on the state of higher education:

A group of hackers has released a vast quantity of data from banks, government agencies, consulting firms and many others and promised more data leaks in the future.

"Team GhostShell's final form of protest this summer against the banks, politicians and for all the fallen hackers this year," the group, which calls itself -- you guessed it -- "Team GhostShell," wrote in a Pastebin post titled "Project HellFire" this weekend. "With the help of it's [sic] sub-divisions, MidasBank & the newest branch, OphiusLab. One million accounts/records leaked. We are also … Read more

Zappos, LinkedIn, eHarmony, Yahoo, LastFm, the Environmental Protection Agency, Stanford, and Columbia University -- all suffered online data breaches recently, says the Privacy Rights Clearinghouse.

In fact, this year alone, there have been 276 data breaches, according to the Identity Theft Resource Center. Statistics indicate that private sector businesses and the health-care industry were most vulnerable, falling victim to, respectively, 37 percent and 34 percent of the breaches. Educational institutions and the government/military sector had breach rates of 14 percent and 11 percent, respectively. The rate for financial companies came in at just more than 3 percent, according to … Read more

A New Hampshire man filed suit against Yahoo this week alleging that lax security measures allowed hackers to get into a Yahoo database and steal passwords from 450,000 accounts.

In his lawsuit seeking class-action status -- filed in federal court in San Jose, Calif., on Tuesday (PDF) -- Jeff Allan is asking the court to order Yahoo to compensate him and others for "resulting account fraud" and measures people had to take to protect against identity theft.

Not only was Allan's Yahoo password stolen but someone also had accessed his eBay account without his permission after … Read more

A U.S. policy report to be released today says Congress should preempt certain state and federal regulations in order to allow companies the freedom to share with the government information about cyber security threats and attacks without fear of breaking data breach and other laws.

More information sharing is needed between companies and government agencies in order to help fend off attacks from hacktivists, criminals, and nation-states that target computer networks in the United States, according to the Cyber Security Task Force: Public-Private Information Sharing report written by the Homeland Security Project at the non-profit Bipartisan Policy Center.

"… Read more

Updated July 13 at 12:17 p.m. PT

Yahoo has just become the latest big online service to suffer a major password breach. While the number of affected users is far smaller than in the last big exposure -- that would be the password hack at LinkedIn last month, which exposed 6.5 million user passwords -- the attack is a big black eye for Yahoo and a potential hazard to the 450,000 or so people whose log-in information is now flapping in the breeze.

So here's CNET's quick guide to the Yahoo password fumble and … Read more