Chinese Military Charged With Equifax Data Breach

· · Link

Four Chinese military hackers have been charged with breaking into Equifax’s network and stealing the data of tens of millions of Americans.

The accused hackers exploited a software vulnerability to gain access to Equifax’s computers, obtaining log-in credentials that they used to navigate databases and review records. The indictment also details efforts the hackers took to cover their tracks, including wiping log files on a daily basis and routing traffic through dozens of servers in nearly 20 countries.

Reminder that Equifax executives did insider trading based on the breach. They are criminals.

267 Million Facebook IDs, Phone Numbers Exposed

· · Link

A database that contained over 267 million Facebook user IDs, phone numbers, and IDs was discovered on the web. It wasn’t password-protected.

Comparitech partnered with security researcher Bob Diachenko to uncover the Elasticsearch cluster. Diachenko believes the trove of data is most likely the result of an illegal scraping operation or Facebook API abuse by criminals in Vietnam, according to the evidence.

Diachenko immediately notified the internet service provider managing the IP address of the server so that access could be removed. However, Diachenko says the data was also posted to a hacker forum as a download.

Database of 1.2 Billion Records Found With Scraped Data

· · Link

A database filled with 1.2 billion records of data was found on the dark web back in October. I hesitate to call this a data breach because:

While the collection is impressive for its sheer volume, the data doesn’t include sensitive information like passwords, credit card numbers, or Social Security numbers. It does, though, contain profiles of hundreds of millions of people that include home and cell phone numbers, associated social media profiles like Facebook, Twitter, LinkedIn, and Github, work histories seemingly scraped from LinkedIn, almost 50 million unique phone numbers, and 622 million unique email addresses.

In other words this is all data that people have willingly put on their social media profiles. While it can be used for nefarious purposes (especially phone numbers) this is less of a breach and more of a database of scrapes. Nevertheless I’m using our “data breach” tag.

That Recent Data Breach Might Not Be Limited to Capital One

· · Link

The Capital One data breach might not have bene limited to the bank. Other companies could’ve been affected too, according to Slack messages from the hacker Paige Thompson.

Reports from Forbes and security reporter Brian Krebs indicating that Capital One may not have been the only company affected, pointing to “one of the world’s biggest telecom providers, an Ohio government body, and a major U.S. university,” according to Slack messages sent by the alleged hacker.

Krebs posted a screenshot of a list of files purportedly stolen by the alleged hacker. The stolen data contained filenames including car maker “Ford” and Italian financial services company “Unicredit.”

Over 2 Billion User Records Exposed in Orvibo Data Breach

· · Link

Orvibo makes smart home products, and researchers found a leak in its database that exposed over two billion user records. This included usernames, email addresses, passwords, and precise locations.

The data breach affects users from around the world. We found logs for users in China, Japan, Thailand, the US, the UK, Mexico, France, Australia, and Brazil. We expect that there are more users represented in the 2 billion plus logs.

We first contact Orvibo via email on June 16. When we didn’t receive a response after several days, we also tweeted the company to alert them to the breach. They still have not responded, nor has the breach been closed.

Utterly ridiculous. It’s one thing to leak data, and other thing to ignore the problem and not fix it.

Photos of Travelers, License Plates Stolen in U.S. Customs Breach

· · Link

Photos of travelers and license plates were stolen in a U.S. Customs breach. A subcontractor for the agency was hacked, but CBP won’t say which one. One hypothesis says it might be Perceptics.

CBP said copies of “license plate images and traveler images collected by CBP” had been transferred to the subcontractor’s company network, violating the contract’s security and privacy rules. The subcontractor’s network was then attacked and breached. No CBP systems were compromised, the agency said. It’s unclear whether passport or facial-recognition photos were included in the breach.