Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The biggest security snafus of 2013 (so far)

Ellen Messmer | July 2, 2013
Late last December ended with a hacker leaking data on 300,000 Verizon FIOS customers which was apparently stolen via a marketing partner of Verizon.

- LivingSoocial, the daily deals site owned in part by Amazon, acknowledged it suffered a cyberattack which it "resulted in unauthorized access to some customer data from our servers." That information included names, e-mail addresses, date of birth for some users, and encrypted passwords. The company, which admitted 50 million customers were impacted, did say no credit-card and other financial information was affected or accessed,

- An unknown perpetrator launched wide-scale brute-force attacks against WordPress installations at hosting providers in order to build a large botnet. "Tens of thousands to hundreds of thousands of these shared servers have been cracked by these techniques," said the Anti-Phishing Working Group in its report. "Access and use of these boxes is then metered out in the criminal underground for all sorts of activities, including DDoS, malware distribution, and of course, phishing."

- The U.S. Department of Labor website was hacked and malware loaded onto the Department of Labor's server, attempting to compromise visitors through an IE vulnerability. The problem was later fixed.

- Personal information on 1,350 patients at Sonoma Valley Hospital in California was exposed after a hospital employee accidentally uploaded the data to the hospital's public website on Feb. 14 but became aware of the breach on April 17.

MAY 2013
- The Chicago Board Options Exchange (CBOE) for trading suffered system problems on May 2 that affected trading, and the glitch followed an outage the previous week that forced CBOE to delay trading for more than three hours.

- The Financial Times website and Twitter feed were hacked, with responsibility for that claimed by a group called the Syrian Electronic Army, which supports Syrian President Bashar al-Assad, apparently angered by the publication's coverage of the Syrian civil war conflict.

- A 41-year-old man, Michael Meneses, was arrested for allegedly disrupting his former employer's network after he was passed over for promotions and quit his job, causing an alleged $90,000 in damages by breaking into it with captured passwords and corrupting data, according to FBI information. Meneses, whose job at Spellman High Voltage Electronics Corp. entailed developing and customized software, denied the allegations and was released on $50,000 bond.

- Eonline, the online entertainment news site, acknowledged its breaking-news Twitter and SMS accounts were compromised, and on May 4 said, "We apologize for any confusion that the enormous news alerts may have caused." Other media website, some for  Federal News Radio and WTOP and the Dvorak blog site, were also compromised and pushing fake anti-virus malware.

- The defense contractor QinetiQ was compromised and information and intellectual property vital to national security was stolen by hackers associated with the Chinese People's Liberation Army, over a three-year period, according to Bloomberg.

 

Previous Page  1  2  3  4  5  6  7  8  9  10  11  12  Next Page 

Sign up for CIO Asia eNewsletters.