Crooks threaten to leak customer data stolen from e‑commerce sites

A hack-and-extort campaign takes aim at poorly secured databases replete with customer information that can be exploited for further attacks. A number of e-commerce websites from multiple continents have had their customer databases stolen, with an unknown seller offering at least 1.62 million rows of personal records for sale on a public website. The online … More Crooks threaten to leak customer data stolen from e‑commerce sites

Sensitive plastic surgery photos exposed online

Other leaked records include videos, facial and body scans, as well as a range of patients’ personal data. Hundreds of thousands of records belonging to plastic surgery patients have been discovered sitting on an unprotected server and accessible for anyone to view. The data were stored on an Amazon Web Services (AWS) S3 bucket database … More Sensitive plastic surgery photos exposed online

Two billion user logs leaked by smart home vendor

The leak, which apparently has yet to be plugged, exposes a range of very specific data about users. A Chinese smart home solutions provider has been leaking billions of logs from devices managed via the company’s cloud platform, exposing a range of sensitive information about their users. The database – which was found sitting an … More Two billion user logs leaked by smart home vendor

Wajam: From start-up to massively-spread adware

How a Montreal-made “social search engine” application has managed to become widely-spread adware, while escaping consequences. Background Wajam Internet Technologies is a start-up founded in December 2008 by Martin-Luc Archambault (a famous entrepreneur in Quebec) and based in Montreal, Canada. The core product of the company is a social search engine application (i.e. it allows … More Wajam: From start-up to massively-spread adware

UK’s National Lottery urges millions of players to change their passwords

The lottery’s operator has found that attackers probably used an automated method known as ‘credential stuffing’ to access up to 150 customer accounts. The United Kingdom’s National Lottery is advising all of its 10.5 million registered online users to change their passwords as a safety precaution following a security incident. The recommendation comes after the … More UK’s National Lottery urges millions of players to change their passwords