In this week's issue: Ashley Madison's users have their personal information exposed, Target and Visa reach a settlement regarding the retailers data breach, the Illinois Department of Corrections exposes employee personal information, the IRS data breach is worse than initially reported, and we take a look atBeware Of Public Cellphone Charging Stations
Ashley madison hackers post stolen data
You would be hard-pressed to find someone who hasn’t heard about the Ashley Madison hack and the subsequent data dump that occurred Tuesday night. In July, the hacking team claiming responsibility threatened to release the personal information of the roughly 35 million Ashley Madison users if Avid Life Media did not shut down two of its sites, including Ashley Madison.
Earlier this week, a massive 9.7 gigabyte data dump was posted on a Tor browser for users to download and look through the data. In the files, seven years worth of payment and personal information was leaked including names, mailing addresses, and the last four digits of a credit card linked to the account. Two days later, another data dump with nearly 20 gigabytes of data was released for Torrent download. The Impact Team claims that Avid Life Media founder and CEO Noel Biderman’s email message have also been compromised.
Stay tuned as more information becomes available.
Target and Visa Reach Data breach settlement
On Monday, news broke that Target had reached a settlement with Visa over the 2013 data breach that exposed the personal and payment of roughly 110 million customers. Target has agreed to pay as much as $67 million to the banks and credit unions that had to reissue Visa credit and debit cards. As Target still recovers from its data breach, the retailer has agreed to pay an additional $10 million to all affected customers. Back in May, Target had tried to reach an agreement with MasterCard and the financial institutions it serves with a proposed $19 million agreement. However, that agreement did not receive enough support from MasterCard’s issuers and had to be sent back to the negotiating table.
For more information on the Target data breach and to see our expected losses for the retailer, click here.
Illinois department of corrections inadvertently exposes employee ssn
The Illinois Department of Corrections has discovered that a security breach occurred, compromising the personal information of more than 1,000 of its employees. Last Friday, the department found that the names, Social Security numbers, salaries, and job were inadvertently shared with an unknown number of individuals. In a letter to Illinois lawmakers, the affected employees are from Lawrence and Dixon Correctional Centers and the Illinois Office of Communication and Information (IOC) is in the process of notifying all affected employees.
IRS says cyberattack more extensive than previously reported
When we first covered the Internal Revenue Service’s (IRS) data breach in late May, it appeared that hackers had stolen the 2014 tax returns of more than 100,000 taxpayers through a feature provided by the IRS. On Monday, the IRS revealed that the security incident was much more extensive than originally reported. After covering the 2015 tax filing season, the IRS revised the total number of affected taxpayers to 330,000. The IRS is now sending an additional 230,000 notification letters to affected individuals warning of them of the potential risk of identity theft, along with a year of free credit monitoring.
Rippleshot Content: beware of public cellphone charging stations
In this week’s Rippleshot blog post, we look at one of the many ways cybercriminals look to steal sensitive data from unsuspecting victims. One of these attack methods involves cellphone-charging stations that are found across the globe. Most of us have been in a situation where our cellphone’s battery is low and we look to these charging stations to keep us connected to the world. While these lifelines may seem harmless, security researchers have shown that it is possible to install malicious software onto these phones and steal sensitive data without anyone noticing. See how a two-year-old hacking method is seeing an uptick in 2015.
SHARING IS CARING. TO GET YOUR FRIENDS AND COWORKERS SUBSCRIBED, SEND THEM HERE.