Database Leak

Mystery Database Leak Reveals 191 Million US Voter Registration Records

191 million US voter registration records leaked in giant mystery database

An independent security researcher has uncovered a database containing the personal information of 191 million voters that is publicly available on the internet because it was incorrectly configured. However, it is not clear who owns it.

Security researcher Chris Vickery, who shared his findings on DataBreaches.net, revealed that he found a 300GB database of voter data, which includes names, home addresses, voter IDs, phone numbers, and birth dates, as well as political affiliations and logs of whether they voted in primary or general elections. He told Forbes that he has the entire 300GB database in his possession, which has data that goes back to the year 2000. However, the database does not contain financial information or Social Security numbers.

Vickery, a tech support specialist from Austin, Texas, said he found the database while looking for information exposed on the Web in a bid to raise awareness of data leaks. He has since reached out to law enforcement, as well as the California attorney general’s office. The database was still online as of Monday.

“When one of their attorneys asked, ‘Well how much data are we talking about?’ and I read her the list of data fields and told her that we had access to voter records of over 17 million California voters, her response was ‘Wow,’ and she promptly forwarded the matter to the head of their e-crime division,” DataBreaches.net’s administrator wrote online.

‘I needed to know if this was real, so I quickly located the Texas records and ran a search for my own name. I was outraged at the result,’ Vickery told CSO Online.

“However, I have looked up several police officers in my city, and their data is indeed present. I’ve been working with journalists and authorities for over a week to get this database shut down or secured. No luck so far.”

After finding his own information in the voter database, Vickery told CSO that: “My immediate reaction was disbelief…. How could someone with 191 million such records be so careless?”

Steve Ragan, a security blogger at CSO, assisted in investigating the breach. He pointed out that none of the political database firms he identified that are connected with the database have claimed ownership of the IP address where the information is published.

He said that the leak is worse than a recent breach of voter data from Hillary Clinton’s campaign by a member of Bernie Sanders’ campaign, “because the data he discovered isn’t a client score – it’s a complete voter record for 191 million registered voters.”

“The problem is, no one seems to care that this database is out there and no one wants to claim ownership,” he said.

Vickery said he has not been able to find out who controls the database, but that he is working with U.S. federal authorities to identify the owner so they can remove it from public view. He refused to identify the agencies. Meanwhile, a representative with the Federal Bureau of Investigation (FBI) declined to comment.

A representative with the U.S. Federal Election Commission, which regulates campaign financing, said the agency does not have jurisdiction over protecting voter records.

Regulations on protecting voter data vary from state to state, with many states imposing no restrictions. For example, California requires that voter data be used for political purposes only and not be available to persons outside of the United States.

Privacy advocates said Vickery’s findings were troubling.

“Privacy regulations are required so a person’s political information can be kept private and safe,” said Jeff Chester, executive director of the Washington-based Center for Digital Democracy.

Companies often charge large amounts of money for voter data, and many states place restrictions on the use of voter information for commercial purposes. However, political campaigns are mainly exempt from many of the communications laws applying to businesses, and are under no obligation to protect their data.

“Our society has never had to confront the idea of all these records, all in one place, being available to anyone in the entire world for any purpose instantly,” Vickery said, according to Forbes. “That’s a hard pill to swallow. It crosses the line.”

Educational Toy Manufacturer Hacked, Identity of Millions of Kids at Risk

Toy Maker VTech Hacked: Data of 4.8 Million Parents And 200000 Children Exposed

VTech, a company that makes electronic learning products, reported a data breach that they say occurred on their Learning Lodge (app store) database on November 14.

VTech, a Chinese company that manufactures educational toys for kids, has reported that the database of its app store has been breached. An “unauthorized party” accessed customer information in a database for VTech’s Learning Lodge app store on November 14, the company said in a statement. The app store lets parents download apps, games, e-Books and educational content to VTech toys.

The database contains customer data including name, email address, password, IP address, mailing address and download history. It does not contain credit card information, the company said.

While the victim company has not disclosed the number of affected people, Motherboard, which first reported the hack, has estimated that information on nearly 5 million parents and more than 200,000 kids was exposed. The hacked data included kids’ first name, gender and birthday.

Though hackers can have a variety of motives, similar attacks have resulted in customer data being sold on the Web’s black market, allowing criminals to steal goods with another person’s identity. Hackers can use stolen data for a range of phishing attacks designed to target people through their email addresses and get them to click on links that trigger malicious software which lets the hackers steal even more sensitive information.

Motherboard was notified of the breach by an unidentified hacker who claimed responsibility. The hacker said he intends to do “nothing” with the data, according to Motherboard. Hackers sometimes break into systems simply to demonstrate that the networks are vulnerable and need to be made more secure.

If the number of exposed accounts reported by Motherboard is accurate, the VTech hack would be among the largest breaches in recent years. In August, hackers published data from more than 30 million accounts that had been set up on adultery website Ashley Madison. The personal information of an estimated 110 million Target customers was stolen in 2013 by malware installed on the retailer’s point-of-sale terminals.

“Upon discovering the unauthorized access we immediately conducted a thorough investigation, which involved a comprehensive check of the affected site and implementation of measures to defend against any further attacks,” according to a statement posted by VTech on their website.

The hacked database stored information on customers from the US, Canada, the UK, Ireland, France, Germany, Spain, Belgium, the Netherlands, Denmark, Luxembourg, Latin America, Hong Kong, China, Australia and New Zealand, said VTech.

Hacking Team made a snooping App ‘BeNews’ that could avoid Google Play vetting

BeNews Android App developed by the Hacking Team escaped Google Play vetting and installed malware

The Hacking Team hack attack leaks continue to spill some interesting beans. A new find among the leaked emails is that the Hacking Team had managed to develop an Android app that could dynamically execute malware payloads. The app, called BeNews, could also escape the vigorous vetting checks of the Google Play security team.

The app, BeNews, only requested three permissions from a user when installed, and was able to avoid Google’s automated app checks as no exploit was contained within its code. Once the app was installed, its malicious payload would then snoop on the user and report his/her whereabouts back to the command and control server. This was reported by security research company Trend Micro Labs.

“The fake news app was downloaded up to 50 times before it was removed from Google Play on July 7,” Trend Micro said. “Looking into the app’s routines, we believe the app can circumvent Google Play restrictions by using dynamic loading technology.”

“Dynamic loading technology allows the app to download and execute a partial of code from the internet. It will not load the code while Google is verifying the app but will later push the code once the victim starts using it.”

Trend Micro said that Hacking Team then sold this app to its customers, with instructions on how to take advantage of it and a Google Play account that they could use. The app uses a privilege escalation bug, CVE-2014-3153, found in Android 2.2 to 4.4.4.

“No other company has ever produced a lawful surveillance capability nearly as comprehensive, as easy to use, or as powerful as ours.”

GhostShell back with a vengeance, claims it breached over 300 websites and leaked 13,000 people’s details online

Team GhostShell emerges from hiatus, hacks 300 websites around the world from China to Brazil and all in between

A hacker group known as Team GhostShell, after lying dormant for more than 3 years, has returned with a vengeance. In a series of tweets from its official account, the group claimed it has successfully hacked over 300 websites and has posted over 13,000 users’ personal details online with more to come.

The GhostShell hackers claimed responsibility for a hacking spree that started on 30th June and is still continuing, with every country in the world attacked. Their Twitter account is filled with a series of tweets containing data on hundreds of hacked websites, with the victim sites’ URLs and links to data dumps containing the alleged user information.

The victim sites came from a variety of locations and backgrounds, ranging from educational institutions in Australia, India, Egypt and China to Korean websites, in addition to many .edu websites.

In a threat advisory on the attacks, Symantec engineers said that if the GhostShell team’s claims are true, the final number of victims will likely range in the millions.

“Reports say that the data dumps reveal compromised account details numbering in the thousands at the lower estimate; however, this number is probably much higher,” read the advisory.

The University of Southern California, Princeton UCHV, the University of Delhi and the University of Maryland are among those that allegedly suffered a data breach.

The data dump leaked by the hackers reveals a number of text files hosted on various websites including hastebin, and also includes database and server details. However, some of the files appear to have leaked sensitive information including names, email addresses, physical addresses, Skype names, phone numbers and other personally identifiable data.

Though the hacking has not been independently verified as of now, Symantec researchers said some of the data dumps appear to show passwords that are salted and hashed, whereas others are just hashed, or stored in plain text. Unfortunately, the infamous “123456” password is present.

Team GhostShell, however, wanted as many eyeballs as it could get and went on to taunt security firm FireEye in one of its tweets:

https://twitter.com/TeamGhostShell/status/615940227606183936

Team GhostShell was very active in 2012 before going on a self-imposed hiatus and emerging now. They had leaked hundreds of thousands of records from top universities, and also took on entities such as NASA, the Pentagon, and a variety of government agencies and political groups in 2012. They had later dumped 1.6 million accounts and records from numerous US government departments including ESA, NASA, Pentagon, Federal Reserve and the FBI in December the same year.

GhostShell normally used SQL injection to compromise databases and steal records. However, it is not known whether they used the same method in the current spate of hackings.

We are trying to reach out to Team GhostShell to learn the motive for the above hack attacks and will keep you updated.

 

Private moments and Nude pictures of hundreds of Queensland Women Shared Online Without Consent

Images of naked women from Brisbane and nearby areas shared online without owners’ consent

Images of more than 700 women from Brisbane and nearby areas, either scantily-clad or in the nude, have been shared online without owners’ consent by an individual who has been hosting the cache in a cloud storage service.

The hacker made multiple attempts to keep the data online and is threatening to defy the police takedown request. The images were first published on Friday on an online forum. On Monday morning, the photos were taken down but reappeared by the end of the day. Police ordered a website to remove the photos of more than 700 women on Tuesday after the pictures re-emerged online.

For easy distribution, the cache was uploaded to a file sharing service whose name remains undisclosed. Brisbane Times reports that the business is based in New Zealand, which should make it easy to identify it.

The police intervened on Tuesday to take the photos down for the second time, but it seems the individual is adamant on sharing them, promising that they would end up on websites on the Dark Web, a part of the Internet generally designed for anonymity that is not indexed by search engines and is not accessible via regular web browsers.

Although the Dark Web was created with honorable intentions (protecting privacy of the users like political activists or journalists), it also functions as an online dark alley where illegal businesses are also carried out.

The police say that very little can be done to slow down the distribution, but the hacker can be arrested. However, the hacker seems to be enjoying the cat and mouse game with the Brisbane police department. “Come at me aussie police,” the hacker allegedly has been taunting, saying that the pics would be distributed in the anonymous network very soon.

The police are not investigating the case because at least one complaint from a victim is needed and none has been received until now.

However, the authorities said that law enforcement will not stand idle and will do what is legally possible to minimize harm on the victims. “The thing is, we don’t have a complaint and the focus has to be on harm minimization to try and get these things down so people’s lives aren’t ruined,” Fraud and Cyber Crime Group Detective Superintendent Brian Hay told Brisbane Times.

The trouble is that once the information is online, there is very little one can do to prevent it from being shared. Anyone who thinks their naked photos may have been posted online without their permission should contact the police via the Australian Cybercrime Online Reporting Network.

Stay alert, be safe and always keep your personal files away from the internet!

Major Apple Zero-day security flaw exposes both Keychain and app passwords to attackers

Security researchers discover a serious Zero-day exploit in Mac OS X and iOS which can be exploited to steal the app data, passwords and various other credentials.

Zero-day exploit lets App Store malware steal OS X and iOS passwords

A group of six security researchers from Indiana University and the Georgia Institute of Technology have found a major Apple zero-day security flaw in both iOS and Mac OS X. It allows malware to gain unauthorized access to the credentials of the device’s apps, helping attackers steal a user’s sensitive data such as passwords for iCloud and the Mail app, and all the web passwords stored by Google Chrome. In short, this exploit directly exposes Apple’s Keychain and other apps, including third-party ones.

This flaw has been confirmed by Apple, Google Chrome and others.

The research has been published in a paper titled Unauthorized Cross-App Resource Access on MAC OS X and iOS. The researchers involved were Luyi Xing, Xiaolong Bai, XiaoFeng Wang and Kai Chen, joined by Tongxin Li of Peking University and Xiaojing Liao of the Georgia Institute of Technology.

While speaking to the security desk of The Register, the team mentioned that they had brought this vulnerability to Apple’s notice in October 2014. Apple said then that it understood how serious this exploit was and asked the team for six months in which to address the flaw and provide a solution. Apple also told the researchers not to disclose the flaw publicly until it had fixed the problem.

In February 2015, Apple asked the team for an advance copy of their research paper. Sadly, the research team has confirmed that the flaws are present even in the latest versions of Mac OS X and iOS, and hence they had to make this vulnerability public.

Xing said: “We completely cracked the keychain service – used to store passwords and other credentials for different Apple apps – and sandbox containers on OS X, and also identified new weaknesses within the inter-app communication mechanisms on OS X and iOS which can be used to steal confidential data from Evernote, Facebook and other high-profile apps.”

Xing added: “Our malicious apps successfully went through Apple’s vetting process and was published on Apple’s Mac app store and iOS app store.”

The research team also mentioned that, despite Apple’s strong vetting, they could upload malware that exploited the vulnerabilities to the Mac OS X and iOS App Stores. It seems these apps, which were vulnerable to attack, were approved for both operating systems.

The group also tested the exploit on a wide range of Mac and iOS apps, and the result was terrible: almost 90% of the apps were vulnerable, giving the malware complete access not only to the stored data but also to the login credentials.

AgileBits, the developer of the 1Password app, accepted that it could not find any way to protect the app against the exploit. A recent blog post from AgileBits’ Jeffrey Goldberg says: “Neither we nor Luyi Xing and his team have been able to figure out a completely reliable way to solve this problem.”

According to the security research group, Google’s Chromium security team was more responsive and removed the Keychain integration for Chrome. The security team from Google Chrome also confirmed that when the attack is at the application level, it would be almost impossible to protect against the exploit.

The security research group also released a video which exposed the Keychain vulnerability of Google Chrome on OS X.

In response to the post by The Register, one of the comments on Hacker News suggests that although the malware cannot directly access existing Keychain entries, it can force users to log in manually and then capture the sensitive credentials in a newly created entry, thus indirectly gaining unauthorized access to users’ sensitive data.

The security researchers also said: “Keychain items have access control lists, where they can whitelist applications, usually only themselves. If my banking app creates a keychain item, malware will not have access. But malware can delete and recreate keychain items, and add both itself and the banking app to the ACL. Next time the banking app needs credentials, it will ask me to reenter them, and then store them in the Keychain item created by the malware.”

The security researchers warn all Mac OS X and iOS users to be more cautious whenever they download apps from unknown developers, even from the iOS and Mac App Stores. Further, where a login should be handled by Keychain but the system still asks the user to log in manually, this should raise an alarm and alert the user that something is wrong in the system.

Earlier this month a Mac BIOS/EFI vulnerability was revealed, in which the exploit would give an attacker permanent control of a Mac, and even reformatting the drive would not stop the attacker from accessing and controlling the Mac.

Another vulnerability detected this month was a bug in the iOS Mail app that could be used for a phishing attack, in which an attacker runs remote HTML code whenever a user opens an email and uses that code to imitate an iCloud login prompt, tricking users into giving up their Apple ID credentials.

Security researchers say that, as a rule of thumb, users should never allow their browser or a password manager to store sensitive logins such as online banking credentials.

The security researchers also mention: “The consequences of such attacks are devastating, leading to complete disclosure of the most sensitive user information (e.g., passwords) to a malicious app even when it is sandboxed. Such findings […] are just a tip of the iceberg.”

In their paper the researchers have mentioned: “Looking into the root cause of those security flaws, we found that in the most cases, neither the OS nor the vulnerable app properly authenticates the party it interacts with. Fundamentally, the problem comes from the challenge for an app to authenticate the owner of an existing Keychain item. Apple does not offer a convenient way to do so.”

mSpy, Mobile Spyware firm hacked, thousands of customers data leaked on Dark Web

Mobile Spyware Firm mSpy Hacked, Client Data Exposed To Cyber Bullies

mSpy, a mobile spyware firm whose database has appeared on the Dark Web, seems to have been severely hacked last week. Apparently, a huge amount of data belonging to mSpy users, including text messages, emails, Apple IDs, payment details, passwords, photos and location data, has been posted on the Dark Web, as reported by the KrebsOnSecurity website, which broke the story about the apparent, yet to be confirmed breach.

mSpy’s technology is sold as a means for parents and employers to secretly spy on kids and employees, as its corporate blurb explains:

mSpy is the most popular and user-friendly application for watching over your kids, preventing theft and supervising your employees’ performance. The mobile monitoring software runs invisibly on the target device to track all activity, including call log history, GPS location, calendar updates, text messages, emails, web history and much more.

The firm, which talks about two million users and develops technology for Windows, iOS, Android, and Mac PCs, has yet to comment on the apparent breach. The unknown hackers behind the leak suggest the database, which is only reachable via Tor, contains details of more than 400,000 mSpy users and includes Apple IDs and associated passwords, tracking data, and payment details on some 145,000 successful transactions. Tor is a technology that allows users to hide their true internet address and lets them host websites that are very difficult to hack.

One can hardly feel sympathetic towards mSpy for being victimized, as the real victims of the apparent breach are without any doubt the targets of the spying rather than the firm itself.

Trey Ford, global security strategist at Metasploit maker Rapid7, commented: “People being spied on were having their information stolen by one party, and it’s now moving rapidly through the underground.

“Not only is the legality of installing this software questionable (CFAA, etc.), but those who have the software on their devices have had their lives laid out in an uncontained information disclosure – it’s highly unlikely the victims of this crime will understand the extent of the damage for a very long time, if ever,” he added.

“This underscores how sensitive information may not necessarily be protected by regulations and auditors. Corporate executives are effectively information owners, responsible for the data collected, how it is stored and protected, and what to do when something happens,” he added.

Well-known and respected journalist Brian Krebs said, based on his investigation of the data dump, that one thing is clear: “There is a crazy amount of personal and sensitive data in this cache, including photos, calendar data, corporate email threads, and very private conversations. Also included in the data dump are thousands of support request emails from people around the world who paid between $8.33 to as much as $799 for a variety of subscriptions to mSpy’s surveillance software.”

There is no clarity as to where mSpy is based. The company’s website does not appear to list an official physical address, though it suggests that it has offices in the United States, Germany and the United Kingdom. On the other hand, historic website registration records show that the company is attached to a now non-functional firm called MTechnology LTD, which is based in the United Kingdom.

Documents obtained from Companies House, an official register of corporations in the U.K., indicate that the two members who founded the company are self-described programmers, Pavel Daletski and Aleksey Fedorchuk. Those records (PDF) show that Daletski is a British citizen, and that Mr. Fedorchuk is from Russia. Neither of them could be contacted for comment.

Court documents (PDF) obtained from the U.S. District Court in Jacksonville, Fla. about a trademark dispute involving mSpy and Daletski state that mSpy has a U.S.-based address of 800 West El Camino Real, in Mountain View, Calif. Those same court documents state that Daletski is a director of a firm based in the Seychelles called Bitex Group LTD. The lawsuit was interestingly brought by Retina-X Studios, an mSpy competitor based in Jacksonville, Fla. that manufactures a product called MobileSpy.

Law enforcers and U.S. regulators have taken a distinct view of companies offering mobile spyware services like mSpy. mSpy also says that its product works even on non-jailbroken iPhones, allowing users to access the device holder’s contacts, text messages, call logs, events, browser history and notes.

The company’s FAQ states that “If you have opted to purchase mSpy Without Jailbreak, and you have the mobile user’s iCloud credentials, you will not need physical access to the device. However, there may be some instances where physical access may be necessary. If you purchase mSpy for a jailbroken iOS phone or tablet, you will need 5-15 minutes of physical access to the device for successful installation.”

In March 2015, a public relations spokesperson from mSpy told KrebsOnSecurity that roughly 40 percent of the company’s users are parents who are interested in keeping a watch on their kids. If we consider this statement to be true, it would be ridiculous to see that so many parents have now unknowingly exposed their kids to bullies, predators and other nerds due to this breach.

130,000 Chinese Rail passengers data leaked via official railway ticketing website

Data leak of 130,000 China Railway passengers including usernames, passwords, and e-mail addresses

Personal data of more than 130,000 customers who purchased train tickets on China’s official online railway ticketing site, 12306.cn, were leaked due to an unknown reason. The travellers whose data has been leaked are panicking as such data can be used for identity theft, online fraud or any other illegal activity.

Real-name registration must be provided to purchase tickets via the official website. Local news reported that data such as usernames, e-mail addresses, passwords, and phone numbers of over 130,000 customers of 12306.cn, the official ticketing website of China Railway, had been leaked. The leak is concerning for Chinese citizens, as all China Railway passengers are required to register with real names and email IDs to purchase tickets.

The incident was first discovered by local IT security vendor Woo Yun and later confirmed by the website, 12306.cn. Before that, however, local news websites had started reporting about the leak and triggered a panic among the 12306.cn users.

While confirming the leak, China Railway said that it was not caused by its website and had originated from other online sites. “All the leaked information contains plain text, while the information in our website’s database is completely encrypted, which means the data leaked via other websites or channels,” it said in a statement.

Though the real cause of the leak is still being investigated, preliminary reports suggest that the leak could have been the result of third-party plugins or apps used by 12306.cn.

Sony threatens to sue Twitter over tweets giving out leaked email links from Sony Pictures hack

Sony threatens to take legal action against Twitter over leaked emails

Sony Pictures Entertainment has threatened to sue Twitter if the company doesn’t suspend accounts containing links to hacked emails. On 24th November, 2014, Sony was the victim of a massive hack allegedly orchestrated by #GOP, the Guardians of Peace, who may have been backed by the elite cyber warriors from Bureau 121 of North Korea.

The hackers have used a variety of services, including Twitter and Pastebin, to leak sensitive information stolen from the Sony Pictures corporate network. Twitter has been used in recent times to leak links to the email correspondence between Sony and its stakeholders, such as employees, stars in its films and others. Sony has taken strong objection to the use of Twitter for posting links to such emails. Earlier, Sony had written to media houses asking them to stop publishing information from the materials leaked in the hack attack.

Legal Notice

Sony’s legal counsel, David Boies, has shot off a letter to the social networking site demanding that Twitter handles of those sharing such links be immediately banned or face legal action. Boies, who was hired by Sony to clean up the hack mess in the aftermath of the attack, sent the letter to Twitter’s general counsel, Vijaya Gadde. The letter says that if “stolen information continues to be disseminated by Twitter in any manner,” Sony will “hold Twitter responsible for any damage or loss arising from such use or dissemination by Twitter.” US website Motherboard has posted a letter sent from Boies to Twitter on its website.

In this letter, Boies has singled out one Twitter user, Val Broeksmit, who tweets screenshots of Sony emails as @BikiniRobotArmy. It alleges that the handle @BikiniRobotArmy is in possession of SPE’s stolen documents, which is tantamount to a breach of SPE’s privacy.

Sony’s lawyer states that Twitter should “comply with all future requests with regard to any other account holder seeking to disseminate the Stolen Information via Twitter”. The letter also asks the network to forward a copy of the letter to @BikiniRobotArmy user Val Broeksmit, advising him to stop publishing stolen information.

Finally, it says that “If Twitter does not comply with this request, and the Stolen Information continues to be disseminated by Twitter in any manner, SPE will have no choice but to hold Twitter responsible for any damage or loss arising from such use or dissemination by Twitter,” which means that Sony can sue Twitter for such acts.

A spokesperson for Twitter confirmed that the letter sent by Boies is authentic but declined to specifically comment about the company’s response. When asked whether the company would be deleting Broeksmit’s tweets, the spokesperson noted that, right now, the tweets are still live on the site. In a separate statement, a Twitter spokesperson told a Motherboard reporter that the social media network doesn’t allow the posting of another person’s private information, but that it does allow linking to such information.

“We review all reported content against our rules, which prohibit posting another person’s private information. Please note that this only applies to content (text or images) posted within a tweet; we do not follow links to apply our rules to other sites. If a user or company (e.g., Sony) submits an actionable DMCA takedown request to us, we’ll disclose that to Chilling Effects.”

It remains to be seen whether Sony’s latest action of sending notices to all and sundry to ‘cease and desist’ from sharing/downloading/hosting leaked SPE documents ends up in clearing the mess created by the hack or snowballs into a great PR disaster for the company.

University of California, Berkeley Hacked, Data Compromised

In September 2014, cyber criminals managed to breach the security of the University of California, Berkeley servers. The Real Estate Division of UC Berkeley was apparently hacked and the personal information of approximately 1600 people, including students and faculty, may have been compromised.

UC Berkeley noticed the breach in September 2014, after which it removed the affected servers from the network. Thereafter UC Berkeley began reviewing the data stored on the servers to look for personal information. The search for personally identifiable information concluded the week of November 17, 2014, and notification letters were mailed starting December 12, 2014. After identifying the people whose personal information may have been compromised, UC Berkeley sent out emails to the affected people.

It also issued a statement on its website mentioning the same. “Because the compromised servers contained such a large volume of data, an outside firm was brought in to lead the search for any personally identifiable information on the servers,” the statement says. “We understand that it’s disturbing to learn that your Social Security number or credit card number may have been exposed to hackers, and we truly regret that this has occurred,” UC Berkeley interim chief security officer Paul Rivers said in a statement. “We are encouraging those affected to take advantage of the free credit monitoring service that the university is offering to those impacted by the breach.”

All those affected are being offered one free year of credit protection services from ID Experts.
