Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The worst security snafus of 2012 – so far

Ellen Messmer | July 16, 2012
Could things really be this bad? From the embarrassing hack of a conversation between the FBI and Scotland Yard to a plethora of data breaches, security snafus have ruled the first half of 2012. Here's a look at some of the worst snafus month-by-month.

The University of Nevada in Lincoln acknowledged a data breach that exposed information of more than 654,000 files of personal information on students and employees, plus parents and university alumni. The information was stolen from the Nebraska Student Information Systems database; a student is the suspected culprit.

Other June snafus:

" Hacker gang Swagger Security strikes again, this time breaching the networks of Warner Bros. and China Telecom, releasing documents and publishing login credentials. The group said it notified China Telecom of the hack by planting a message in the company's network. "Fortunately for them, we did not destroy their infrastructure and rendered [stet] millions of customers without communications," Swagger Security, also known as SwaggSec, said in a note.

" About 6.5 million cryptographic hashes of LinkedIn user passwords were stolen and posted online, a breach LinkedIn acknowledged though it didn't discuss specific numbers, which may be much less due to duplicates. LinkedIn invalidated the passwords of impacted users and the company said emails will be sent to users whose passwords were compromised, though it warned about updating passwords via links sent in email.

" Right after the LinkedIn fiasco, dating site eHarmony also confirmed a breach of 1.5 million passwords that were hashed.

" The Federal Trade Commission announced that data broker Spokeo will pay $800,000 to settle FTC charges it sold personal information it gathered from social media and other Internet-based sites to employers and job recruiters without taking steps to protect consumers required under the Fair Credit Reporting Act.

" The New York Times article asserting that the cyber-weapon Stuxnet is a creation of the U.S. with Israel, and was launched in a covert action authorized directly by President Barack Obama against an Iranian facility suspected of developing a nuclear weapon, has stirred up a firestorm of controversy in Washington about leaked information. Now that another cyber-weapon for espionage, Flame, has been discovered and linked directly with Stuxnet, there's more concern, with the United Nations division International Telecommunication Union warning countries that Flame is dangerous, and some saying the U.S. is losing the moral high ground as its secret cyberwar efforts become known.


Previous Page  1  2  3  4  5  6 

Sign up for CIO Asia eNewsletters.