FCC fines Google $25,000 for unauthorized data collection and impeding investigation

By on April 16, 2012 at 7:55 PM.

FCC fines Google $25,000 for unauthorized data collection and impeding investigation

The Federal Communications Commission has fined Google $25,000 for impeding a U.S. investigation into the data collection scandal surrounding its Street View project, in which the Internet giant allegedly accessed unsecured networks and collected personal information without users’ permission. The FCC said the Mountain View-based company did not cooperate with the investigation and refused to reveal the names of its engineers associated with the project. “Google refused to identify any employees or produce any e-mails. The company could not supply compliant declarations without identifying employees it preferred not to identify,” the FCC said. “Misconduct of this nature threatens to compromise the commission’s ability to effectively investigate possible violations of the Communications Act and the commission’s rules.” More →

No Comments

AntiSec hacks Universal and Viacom; leaks user data, passwords

By on June 29, 2011 at 8:15 PM.

AntiSec hacks Universal and Viacom; leaks user data, passwords

A hacking group named LulzSec made headlines recently for attacking high visibility targets, including Sony and the U.S. government. LulzSec announced earlier this week that it was stopping its operations, and rumor has it many of the members joined up with Anonymous’ “AntiSec” hacking group. Now that group is making its own headlines. On Tuesday AntiSec claimed responsibility for attacks against Universal and Viacom. According to The Wall Street Journal, the hackers released personal data, including passwords, from the Universal Music Website. It also obtained and leaked information about Viacom’s network. It’s unclear how many users were affected by the security breach, although we hope to hear an official word from both firms in the near future. More →

7 Comments

Citigroup hacked, 200,000 accounts compromised

By on June 10, 2011 at 2:30 AM.

Citigroup hacked, 200,000 accounts compromised

On Thursday Citigroup announced that hackers had breached its systems in May and accessed personal data from 200,000 accounts — about 1% of its customers. The hackers managed to steal customer email addresses, contact information and account numbers, but Reuters reported that other information such as birth dates, Social Security Numbers and credit card expiration dates were not accessed. “We are contacting customers whose information was impacted. Citi has implemented enhanced procedures to prevent a recurrence of this type of event,” Citigroup spokesperson Sean Kevelighan, said. “For the security of these customers, we are not disclosing further details.” It is currently unclear who was responsible for the breach. More →

23 Comments

Sony Pictures breach confirmed to be authentic; Sony launches investigation

By on June 3, 2011 at 9:15 AM.

Sony Pictures breach confirmed to be authentic; Sony launches investigation

A small group of hackers calling themselves LulzSec on Thursday claimed to have breached a Sony website and gained access to personal information belonging to over 1 million Sony customers. The group posted a statement claiming it did not have the resources to download the massive database tied to SonyPictures.com, but it provided samples of the data accessed in order to prove the breach was real. The Associated Press contacted several of the purported victims using phone numbers posted by LulzSec, and it was able to confirm with multiple victims that the data, which included account passwords, was authentic and accurate. Sony has not yet confirmed the breach, though a company spokesperson did say Sony is currently investigating the claims. This new breach is the latest in a string of hacks on various Sony networks that have compromised personal data belonging to over 100 million Sony customers. More →

24 Comments

Sony cyberattacks spill over to Sony Ericsson

By on May 25, 2011 at 2:43 PM.

Sony cyberattacks spill over to Sony Ericsson

Sony continues to be targeted in a series of cyberattacks that have resulted in the theft of personal information belonging to over 100 million Sony customers. Following breaches of the company’s PlayStation Network, Sony Online Entertainment, So-net Entertainment and most recently, the Sony’s Greek website, hackers have breached a database associated with Sony Ericsson’s Canadian online shop. Personal data including names, email addresses and passwords belonging to more than 2,000 customers was compromised, but Sony said no credit card numbers were stolen. A Lebanese hacking group called Idahca claimed responsibility for the attack, and it said the information obtained has been leaked on Facebook and Twitter. It is unclear if this latest attack is tied in any way to previous attacks on Sony’s various digital properties. More →

22 Comments

Sony suffers another cyberattack

By on May 24, 2011 at 9:00 AM.

Sony suffers another cyberattack

Sony’s ongoing battle with cyberattacks has already left the personal data of over 100 million customers exposed, and now the company has fallen victim to yet another attack. Details are slim for the time being, but Reuters cites a report from Jiji news service in stating that roughly 8,500 people across three countries have been affected by this latest breach. Their personal information has been leaked as a result of an attack on Sony’s Greek website on Tuesday, though it is unclear exactly what data the hackers gained access to. Sony has not yet confirmed the attacks, but its Greek website, sony.gr, was back online at the time of this writing. More →

26 Comments

Sony’s PlayStation Network password reset page compromised

By on May 18, 2011 at 12:06 PM.

Sony’s PlayStation Network password reset page compromised

According to reports from numerous gaming sites, the password reset page for Sony’s PlayStation Network has been exploited. Sony built the page in an effort to allow users, whose accounts were already compromised during a major security breach last month, to reset their security credentials. However, hackers who stole the information from Sony can reset users’ passwords by knowing and account holder’s email address and birthday — information they’ve already stolen. Forum members on Nyleveia have suggested that PSN users create a new email address specifically for use with PSN. Sony has taken the website offline, and said: “Unfortunately this also means that those who are still trying to change their password via PlayStation.com or Qriocity.com will still be unable to do so for the time being.” Sounds like Sony really needs to get those new security measures in place, stat. More →

52 Comments

Facebook apps accidentally leak personal data, Symantec says

By on May 11, 2011 at 5:22 PM.

Facebook apps accidentally leak personal data, Symantec says

According to security firm Symantec, some advertisers on Facebook may have had access to your person profile, photographs and chats thanks to a security leak that was enabled by close to 100,000 Facebook applications. Thankfully, Symantec doesn’t think the advertisers ever knew that they had access to the personal data, and Facebook has already “taken corrective action to help eliminate this issue.” Symantec said that Facebook IFRAME applications were leaking “access tokens” — think of them as “spare keys” — that are granted to Facebook applications. While Facebook now uses OAUTH2.0 for authenticating users, hundreds of thousands of older applications still use a different authentication method. “There’s no good way to estimate how many access tokens have already been leaked since the release of Facebook applications back in 2007,” the report said, but Symantec thinks some may still be available through log files in third-party servers. Symantec advises Facebook users to change their passwords to invalidate those floating access tokens. More →

19 Comments

Sony: ‘At least a few more days’ before PSN service restored

By on May 10, 2011 at 11:40 PM.

Sony: ‘At least a few more days’ before PSN service restored

On its PlayStation Network blog today, Sony gave an official statement on when the PlayStation Network will be back online. The short answer is “at least a few more days.” Sony has also promised that both Qriocity and PSN should be available by May 31, however, so it could take a bit longer, too. Both networks went down after Sony suffered a massive security breach during which hackers stole 12.3 million credit card numbers and compromised personal data from 101 million accounts. “I know you all want to know exactly when the services will be restored,” Sr. Director, Corporate Communications & Social Media Patrick Seybold wrote on Sony’s PSN blog. “At this time, I can’t give you an exact date, as it will likely be at least a few more days. We’re terribly sorry for the inconvenience and appreciate your patience as we work through this process.” More →

23 Comments

Sony responds to congressional inquiry over ‘highly sophisticated’ cyberattack

By on May 4, 2011 at 1:18 PM.

Sony responds to congressional inquiry over ‘highly sophisticated’ cyberattack

Sony on Wednesday responded to a congressional inquiry regarding major cyberattacks against its Qriocity, PlayStation Network, and Sony Online Entertainment businesses that leaked loads of personal information, including credit card numbers, to hackers. The hackers were able to breach Sony’s security while another group, dubbed “Anonymous” mobbed its servers with denial-of-service (DoS) attacks. “Whether those who participated in the denial of services attacks were conspirators or whether they were simply duped into providing cover for a very clever thief, we may never know,” Sony said in its letter to Congress, noting that it still has no idea who hacked its systems. A total of 101 million accounts across Sony’s multiple networks were compromised as Sony became the “victim of a very carefully planned, very professional, highly sophisticated criminal cyberattack designed to steal personal and credit card information for illegal purposes,” the company said. According to The Wall Street Journal, 12.3 million credit card numbers were stolen, 5.6 million of which belonged to users in the United States. So far Sony has not confirmed that the credit card numbers have been used illegally. The firm hopes to get its gaming networks back online as soon as possible. More →

26 Comments