byAnna BradingMarriott International has today announced that it has suffered a data breach affecting up to 5.2 million people.The hotel chain says it uses an application to help provide services to its guests. Beginning mid-January this year, the login credentials of two employees at a franchised property were used to access guest information on this app.Wh

byDanny BradburyOnline exchange rate data provider Open Exchange Rates has exposed an undisclosed amount of user data via an Amazon database, according to a notification letter published on Twitter this week.Open Exchange Rates provides foreign exchange data for over 200 currencies worldwide, including digital ones. Software developers can access it using an

byDanny BradburyResearchers who uncovered a data exposure from mobile app Whisper earlier this week have released more details about the incident.Whisper is an app from MediaLab, a mobile app company that owns a host of other apps including the popular messaging service Kik. It offers a kind of anonymous social network service that allows people to post thei

byPaul DucklinUK telephone, TV and internet provider Virgin Media has suffered a data breach.Or not, depending on whom you ask.TurgenSec, the company that alerted Virgin Media to the breached information – or, at least, to the inadvertently disclosed database – says that it “included personal information corresponding to approximately 900,0

byLisa VaasThe UK’s Information Commissioner’s Office (ICO) said on Wednesday that it’s fined Cathay Pacific Airways £500,000 (USD $647,015, €576,992) for failing to secure passengers’ personal details, leading to malware being installed on its server that harvested millions of people’s names, passport and identity details, dates of b

byPaul DucklinSaving money, at least in modest amounts, used to be a very simple business.The easiest approach – many of us still do it, even in this online age – is the coin jar (or piggy bank, if you’re really old-school).Instead of frittering away your small change on daily inconsequentials, you dump unused coins in the big glass jar in

byLisa VaasFacebook is suing the data analytics firm OneAudience for allegedly developing a malicious, social-media-profile-grabbing software development kit (SDK) and then paying app developers to embed it in their apps.In a complaint filed in California on Thursday, Facebook charged that the polluted apps – which included shopping, gaming and utility

byLisa VaasClearview AI, the controversial facial recognition startup that’s gobbled up more than three billion of our photos by scraping social media sites and any other publicly accessible nook and cranny it can find, has lost its entire list of clients to hackers – including details about its many law enforcement clients.In a notification that

byLisa VaasFacebook has again lost data on thousands of people, but this time, it’s the old-fashioned, smash-and-grab kind of data breach, done by a thief to an employee’s car.Bloomberg Technology reported on Friday that a thief broke into an employee’s car and made off with payroll data for 29,000 current and former US Facebook workers.The

byDanny BradburyRansomware attacks don’t discriminate. They are just as happy targeting those with four legs as those with two.Anonymous sources told cybersecurity reporter Brian Krebs this week that National Veterinary Associates (NVA) has fallen victim to a ransomware attack that has affected hundreds of hospitals.NVA describes itself as one of the l

While intercepting traffic from a number of infected machines that showed signs of Remote Admin Tool malware known as HawkEye, we stumbled upon an interesting domain. It was registered to a command and control server (C2) which held stolen keylog data from HawkEye RAT victims, but was also being used as a one-stop-shop for purchasing hacking goods. WhiteHat

Organizations around the world are taking a more innovative approach to managing threats in today’s digital era, reveals the 19th annual Global State of Information Security Survey (GSISS).This year’s study – produced by PwC in conjunction with CIO and CSO – includes the responses of more than 10,000 business and IT security executives from over 130 countrie

Good samaritans and skinflints beware!Plugging in that USB stick you found lying around on the street outside your office could lead to a security breach.This is no secret, of course. We have all (hopefully) been aware of the dangers of inserting an unknown USB device into our computers for some time. Heck, the technique has even made it into the Mr Robot TV

British Airways Executive Club member accounts were hacked, it isn’t a data breach but hackers used credentials available in the underground. The popular security expert Graham Cluley reported that Members of British Airways Executive Club are noticing suspicious activities for their accounts. The Members of British Airw

According to the Breach Level Index, between July and September of this year, an average of 23 data records were lost or stolen every second – close to two million records every day.1 This data loss will continue as attackers become increasingly sophisticated in their attacks. Given this stark reality, we can no longer rely on traditional means of threat det