Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The biggest security snafus of 2013 (so far)

Ellen Messmer | July 2, 2013
Late last December ended with a hacker leaking data on 300,000 Verizon FIOS customers which was apparently stolen via a marketing partner of Verizon.

- The non-profit education community membership organization EDUCAUSE said its server then maintains the .edu domain information and member profile information was breached, which may have compromised other EDUCAUSE website profiles, including names, titles, e-mail addresses, usernames, and passwords.

- The Financial Industry Regulatory Authority fined five affiliates of the ING Groep NV $1.2 million after finding that the units of the Netherlands-based banking company had failed to retain or review millions of emails for various periods between 2004 and 2012.

- The administrators of a popular iOS developer Web forum called iPhoneDevSDK confirmed that it had been compromised by hackers who used it to launch attacks against its users. At about the same time, Facebook revealed its employees were also targeted and it apparently occurred "when a handful of employees visited a mobile developer website that had been compromised." Apple also said a small number of the company's systems had been compromised and infected with malware. Microsoft later said a small number of computers, including some on its Mac business unit, may have been infected the same way.

- Websites affiliated with broadcaster NBC were hacked for several hours on Feb. 21, serving up malicious software intended to steal bank account information.

- Zendesk said a hacker gained access to support information for some customers of its online helpdesk software. The company has more than 20,000 customers, including Sears, Xerox and Groupon.

- Microsoft's Azure cloud suffered a worldwide outage in storage services on Feb. 22 because of an expired SSL certificate. The company took steps to update the SSL certificate and apologized for the "inconvenience this causes our customers."

- Bank of America (BoA) said a data breach of internal e-mails related to monitoring of the hacktivist group Anonymous was basically the fault of a third-party contractor which was compromised but wasn't named. Some of the e-mail correspondence showed that TEKsystems had been working with BoA to monitor public activity by hacker groups targeting the bank. The hacker group that claimed to have posted more than 500 emails went by the name Par:AnoIA.

MARCH 2013
- Evernote, which makes business and consumer productivity software, forced all its 50 million users to change their passwords after detecting a hacker intrusion on its systems. The attacker is said to have gained access to Evernote accounts' usernames, email addresses and passwords, though the passwords were encrypted. The company said there's no evidence the hackers got hold of user content or customers' payment information.

- CloudFlare, the company whose service speeds up delivery of web pages, briefly dropped off the Internet for about an hour after its Juniper routers choked on a slight programming change that had been designed to deflect a distributed denial-of-service attack that had been underway against one of its customers.


Previous Page  1  2  3  4  5  6  7  8  9  10  11  12  Next Page 

Sign up for Computerworld eNewsletters.