data breach

A California district judge has dismissed a handful of charges that plaintiffs brought against Sony, including negligence, restitution, and unjust enrichment in its handling of a PlayStation Network data breach last year.

Several lawsuits were filed against Sony PlayStation Network in the wake of a major security breach of the personal data of more than 75 million customers in April 2011.

On Friday, Judge Anthony Battaglia of the U.S. District Court in Southern California ruled that one of those class action suits is invalid, according to Courthouse News.

When the attack happened in 2011, more than 75 million customer … Read more

A group of hackers has released a vast quantity of data from banks, government agencies, consulting firms and many others and promised more data leaks in the future.

"Team GhostShell's final form of protest this summer against the banks, politicians and for all the fallen hackers this year," the group, which calls itself -- you guessed it -- "Team GhostShell," wrote in a Pastebin post titled "Project HellFire" this weekend. "With the help of it's [sic] sub-divisions, MidasBank & the newest branch, OphiusLab. One million accounts/records leaked. We are also … Read more

A U.S. policy report to be released today says Congress should preempt certain state and federal regulations in order to allow companies the freedom to share with the government information about cyber security threats and attacks without fear of breaking data breach and other laws.

More information sharing is needed between companies and government agencies in order to help fend off attacks from hacktivists, criminals, and nation-states that target computer networks in the United States, according to the Cyber Security Task Force: Public-Private Information Sharing report written by the Homeland Security Project at the non-profit Bipartisan Policy Center.

"… Read more

I'm going to say it. Lame! That's what this Yahoo password leak is. Really, Yahoo? Shame!

A group of hackers say they used a common attack, known as SQL injection, to grab 450,000 passwords from a Yahoo database, and they released them to the Web last night. The passwords were stored in plain text and not obscured using a hashing technique, which is standard practice for companies that handle sensitive user data.

I've asked Yahoo to comment on why the company didn't hash the passwords, but so far it's only released a statement confirming … Read more

The U.S. Federal Trade Commission has filed a lawsuit against hotel chain Wyndham Worldwide and three subsidiaries for allegedly storing data in plain text and other security failures that enabled hackers to access more than 600,000 payment card accounts in three data breaches in less than two years.

The hackers exported the payment card account data to an Internet domain address registered in Russia, according to the FTC lawsuit (PDF). They then used the data stolen from Wyndham's data center in Phoenix to make transactions, resulting in fraud losses of more than $10.6 million, the suit … Read more

Hackers have released consumer data stolen from an online loan provider, after the company refused to pay an extortion fee.

"On June 12, AmeriCash Advance received a fax, telling us that part of our Web site had been hacked. The letter went on to demand initial payment of $15,000 from us," AmeriCash Advance, an online payday cash advance provider, said in a statement provided to CNET. "We immediately notified the appropriate authorities and promptly took steps to ensure that no other data could be accessed. We will not cave in to blackmail, and are cooperating fully … Read more

A hacker claiming to have broken into networks of dozens of banks and stolen customer data, has released as proof a file that contains names, addresses, e-mail addresses, and phone numbers in plain text, but no credit card numbers.

"I penetrated over 79 large banks, I've been targetting these banks since 3 months," read a tweet from the Twitter account of Reckz0r. "Actually, I didn't hacked VISA & Mastercard, I hacked the banks, #Chase..etc."

A Pastebin post from today has a link to a downloadable file on the AnonFiles.com site that appears … Read more

Credit card processor Global Payments said today that in the course of investigating the theft of 1.5 million credit card numbers, it has discovered that hackers may also have stolen consumer data from servers.

"Our ongoing investigation recently revealed potential unauthorized access to personal information collected from a subset of merchant applicants," the company said in a statement on its Web site.

"It is unclear whether the intruders looked at or took any personal information from the company's systems; however, the company will notify potentially-affected individuals in the coming days with helpful information and make … Read more

Three companies have warned users in the last 24 hours that their customers' passwords appear to be floating around on the Internet, including on a Russian forum where hackers boasted about cracking them. I suspect more companies will follow suit.

Curious about what this all means to you? Read on.

What exactly happened? Earlier this week a file containing what looked like 6.5 million passwords and another with 1.5 million passwords was discovered on a Russian hacker forum on InsidePro.com, which offers password-cracking tools. Someone using the handle "dwdm" had posted the original list and … Read more