Vodafone hacker accesses banking data of two million customers in Germany

Vodafone hacker steals 2 million customers affected

Vodafone has confirmed that hackers have accessed its servers in Germany, gaining access to personal information and bank details of approximately two million customers. The operator says the breach was a "highly sophisticated and illegal intrusion" that it believes was masterminded by an insider -- and indeed a suspect has already been identified and handed over to police. It's not often you hear about a successful raid on a mobile operator, which is why Vodafone believes it could only have been conducted by someone with an "inside knowledge of [its] most secure internal systems." Vodafone customers outside of Germany aren't affected, and those inside the country should already have been contacted. The company says credit card information, mobile phone numbers, passwords and PIN numbers were not accessed in the attack, although Vodafone is warning customers to be especially vigilant about potential phishing attacks in the future.

Filed under:

Comments

Via: Bloomberg

Facebook security bug exposed 6 million users’ personal information (update)

Facebook security bug exposed 6 million users' personal information

Today, Facebook announced a security bug that compromised the personal account information of six million users. In a post on the Facebook Security page, the site's White Hat team explained that some of the information the site uses to deliver friend recommendations was "inadvertently stored with people's contact information as part of their account on Facebook." When users downloaded an archive of their account via the DYI (download your information) tool, some were apparently given access to additional contact info for friends and even friends of friends. The post continues:

We've concluded that approximately 6 million Facebook users had email addresses or telephone numbers shared. There were other email addresses or telephone numbers included in the downloads, but they were not connected to any Facebook users or even names of individuals. For almost all of the email addresses or telephone numbers impacted, each individual email address or telephone number was only included in a download once or twice. This means, in almost all cases, an email address or telephone number was only exposed to one person. Additionally, no other types of personal or financial information were included and only people on Facebook - not developers or advertisers - have access to the DYI tool.

Facebook says it's temporarily disabled the DYI tool to fix the breach. We've reached out to the site for further comment; for now, read the official statement via the source link below.

Update: Facebook has responded to our inquiries and stated that while the bug was discovered earlier this month, "it had been live since last year." They immediately disabled the tool, fixed the bug and reenabled it within 24 hours of the bug's discovery. The bug was reported to them through a White Hat program for external security researchers.

Filed under: ,

Comments

Via: TechCrunch

Source: Facebook

Blizzard suffers security breach, encrypted passwords and authenticator data compromised

Change your passwords Blizzard suffers security breach, security questions, encrypted passwords compromisedAccording to a recent Blizzard security update, now might be a good time cook up a new password. Blizzard's security team found that its internal network has been illegally accessed, and answers to personal security questions, authenticator data and cryptographically scrambled Battle.net passwords have found their way into the perpetrator's hands. The team is confident, however, that the compromised data isn't enough to give the attacker access to user accounts, and says that there is no evidence to suggest financial data (credit cards, billing addresses and customer names) were accessed. Blizzard President Mike Morhaine recommends that users update their passwords all the same, and we couldn't agree more. Check out his official statement at the source link below and get that Diablo III account locked down.

Filed under:

Blizzard suffers security breach, encrypted passwords and authenticator data compromised originally appeared on Engadget on Thu, 09 Aug 2012 19:48:00 EDT. Please see our terms for use of feeds.

Permalink Massively (Joystiq)  |  sourceBlizzard  | Email this | Comments

LinkedIn confirms security breach, ‘some passwords’ affected

LinkedIn confirms security breach, 'some passwords' affectedReports began swirling this morning that around six million passwords attached to LinkedIn accounts had been compromised, and after looking into the matter, the site has confirmed that "some of the passwords" attached to accounts of LinkedIn members have been affected. The network doesn't specify the number of passwords leaked, nor does it confirm the rumored count of six million. It does, however, promise that it will invalidate passwords of the hit accounts -- and vows to send an email to each affected user with instructions on how to reset their password, followed by another piece of correspondence explaining what happened. Below you'll find the company's official statement, as well as what it is doing to ensure its members are safe.

Continue reading LinkedIn confirms security breach, 'some passwords' affected

LinkedIn confirms security breach, 'some passwords' affected originally appeared on Engadget on Wed, 06 Jun 2012 16:14:00 EDT. Please see our terms for use of feeds.

Permalink The Verge  |  sourceLinkedIn  | Email this | Comments