Archive for Hacked

Twitter’s CEO’s Twitter Account Pwned…. Here’s Why YOU Should Care

Posted in Commentary with tags on September 1, 2019 by itnerd

Twitter CEO Jack Dorsey’s account was pwned by hackers, and the hackers sent a series of incendiary tweets on Friday after his account was compromised. Dorsey’s account tweeted out “#nigger” and “Hitler is innocent,” among other inflammatory remarks. Another tweet read, “Intel is there’s a bomb at Twitter HQ.” If you want to read more about this, here’s a link. But that’s not what I am here to talk to you about. I am here to talk about how it was done. It was done via a technique called a “sim swap.”

The hackers got in through Twitter’s text-to-tweet service, operated by Cloudhopper. This service allows you to tweet by text via your cell phone. But that requires control of your cell phone. That’s where the “sim swap” comes in. The same hackers convinced Dorsey’s carrier, which apparently was AT&T, to serve up control of his phone number and move it to a phone that they controlled to pull this off. This is not a new technique: taking control of Instagram handles and the theft of Bitcoin have been pulled off via this hack, for example. But this type of hack is becoming increasingly common.

Twitter pretty much confirmed that this happened:

Every carrier everywhere on the planet is open to this type of pwnage. Thus you should take steps to protect yourself. Putting a PIN code on your account is one step to protecting yourself. My carrier, which is Telus, requires this when you sign up. But other carriers may or may not require this. Thus you should ask your carrier if they support PIN codes and enable that feature if they do. If a carrier doesn’t support PIN codes, it’s a carrier that you likely don’t want to be doing business with, as you are wide open to being pwned because of your carrier’s lax security.

As for any apps that you want to ensure the security of, I would recommend this article from The Verge with steps to protect yourself. The fact is that you and you alone can protect yourself from ending up like Dorsey. Thus I would suggest that you read this article and take action immediately.


Luscious Pwned…. Almost 1.2 Million Users Affected

Posted in Commentary with tags on August 21, 2019 by itnerd

Adult website Luscious has apparently been pwned by hackers according to vpnMentor’s research team. And here’s what is floating in the wild as I type this:

The data breach gave our team access to 1.195 million user accounts on Luscious. All of these were compromised, revealing personal details of users with potentially devastating consequences. 

The private personal user details we viewed included:

  • Usernames
  • Personal email addresses
  • User activity logs (date joined, most recent log in)
  • Country of residence/location
  • Gender

Some users’ email addresses indicated their full names, increasing their vulnerability to exploitation and cybercrime.

Now the researchers admit that they think that 20% of the emails are fake. But for the other 80%, this isn’t good. The possibilities of pwnage are endless. Thus if you’ve used this site, you might want to be extra vigilant.

BREAKING: Capital One Pwned… 100 Million People Affected

Posted in Commentary with tags on July 29, 2019 by itnerd

News is breaking on sites like Bloomberg that a hacker has broken into a cloud server under the control of credit card company Capital One and as many as 100 million people might have had their data illegally accessed.

Here’s where it gets strange. The hacker was caught:

The woman, Paige A. Thompson, was arrested Monday and appeared in federal court in Seattle. The data theft occurred some time between March 12 and July 17, federal prosecutors in Seattle said. The cloud-computing company, on whose servers Capital One rented space, wasn’t identified in court papers.

“I am deeply sorry for what has happened,” said Richard D. Fairbank, Capital One’s chief executive officer, in a statement. “I sincerely apologize for the understandable worry this incident must be causing those affected.”

About 6 million individuals in Canada were also impacted by the breach, Capital One said.

And:

The largest category of data stolen was supplied by consumers and small businesses when they applied for credit cards from 2005 through early 2019, the bank said. It included personal identification data, including names, addresses, phone numbers and dates of birth, and financial data including self-reported income, credit scores and fragments of transaction history.

About 140,000 Social Security numbers were accessed, as well as 80,000 bank account numbers from credit-card customers, the bank said.

I for one would love to know who the cloud computing company is, as they have some questions to answer in terms of how this woman got in and got access to this data. Here’s why that matters:

Capital One, which is based in McLean, Virginia, has been one of the most vocal advocates for using cloud services among banks. The lender has said it is migrating an increasing percentage of its applications and data to the cloud and plans to completely exit its data centers by the end of 2020 — a move the company says will help lower costs.

If you are going to outsource stuff to the cloud, your security has to be on point. Otherwise bad things will happen to you and worse things will happen to your customers. Thus along with the cloud computing company, I really want to know what Capital One is going to do to protect customers’ data going forward, and what they are going to do to protect the 100 million customers whose data is now out there.

Back to the woman behind this hack for a second. Usually the hackers get away scot-free with this sort of thing. So she was either sloppy or wanted to get caught. I say that either is in play because according to this, she posted details about it on Slack, which is either mind-blowingly stupid or a clear indication that she wanted to be caught.

Stay tuned to this case as it will be interesting to watch on multiple fronts.

Desjardins Employee Leaks Customer Data…. Lots Of Customer Data

Posted in Commentary with tags on June 20, 2019 by itnerd

Sometimes it’s not people from the outside that you have to worry about when it comes to protecting your data. Sometimes you have to worry about your own employees. A case in point is Desjardins who today admitted that this happened:

A Laval police investigation, which Desjardins has been closely involved with, has revealed that the personal information of 2.9 million members (2.7 million personal members and 173,000 business members) was disclosed to individuals outside Desjardins without authorization.

The investigation quickly traced the leak to a single source: an ill-intentioned employee who acted illegally and betrayed the trust of their employer. That person was fired.

The company says that it has not been the target of a cyberattack, and that it has not seen cases of fraud with the people who have been affected by this. Passwords for business and personal accounts have not been compromised, nor have security questions and PINs been impacted. Those who have been impacted by the breach are being offered a 12-month credit monitoring plan paid for by Desjardins, and they are monitoring the affected accounts.

This should serve as a warning to all companies who handle personal data as it’s pretty clear that bad things can happen if a bad actor inside your company decides to go rogue. And you can expect there to be some serious fallout for Desjardins over this incident.

Freedom Mobile Suffers Data Leak….Credit Cards, Email Addresses, And More Exposed

Posted in Commentary with tags , on May 7, 2019 by itnerd

If you are a Freedom Mobile customer, you might have a very good reason to be concerned about the security of your personal information. According to TechCrunch, a server belonging to Canada’s fourth largest telco is leaking data:

Security researchers Noam Rotem and Ran Locar found an Elasticsearch server leaking five million logs containing customer data. The server wasn’t protected with a password, allowing anyone to access the data.

Rotem and Locar, who shared their findings exclusively with TechCrunch and published his report at vpnMentor, said it took the cell giant a week to secure the leaking database after first reaching out.

The database is believed to be part of a logging system used by the company to determine errors and glitches in the company’s systems. The database recorded any errors and the plaintext data associated with it, including customer data.

Data seen by TechCrunch reveals customer names, email addresses, phone numbers, postal addresses, dates of birth, customer types, and Freedom Mobile account numbers.

The logs also answers to credit checks filed through Equifax, including details if an application was accepted or rejected — along with the reason why.

We also found full credit card numbers, expiry dates and verification numbers stored in plaintext.

None of the data was encrypted.

This is an #EpicFail on the part of Freedom Mobile. Partially because the server was leaking data, and partially because someone else had to tell Freedom Mobile about it, which implies that the company wasn’t on the ball. Now 15000 customers were affected and the server was secured after the researchers told them about it. Though Freedom Mobile all but tossed a company called Apptium, who managed the server, under the bus for this. No matter. It’s being investigated by the Office of the Privacy Commissioner and I hope they dole out the right level of punishment, as this sort of thing simply cannot go unpunished.
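The failure described above was an error-logging system that recorded plaintext card numbers, expiry dates and verification numbers. As an added example (not code from Freedom Mobile, Apptium or the researchers), here is a Python logging filter that masks card data before a record reaches any log store; the field names `cvv`, `cvc`, `expiry` and `exp_date` and the sample values are assumptions.

```python
import logging
import re

# Candidate card numbers: 13-19 digits, optionally split by single spaces or hyphens.
PAN_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
# Verification codes and expiry dates logged as key=value (field names are assumptions).
FIELD_RE = re.compile(r"(?i)\b(cvv|cvc|expiry|exp_date)(\s*[=:]\s*)([^\s,;&]+)")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so account or order numbers are not masked by accident."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def scrub(text: str) -> str:
    """Mask Luhn-valid card numbers (keeping the last four) and CVV/expiry fields."""
    def mask_pan(match):
        digits = re.sub(r"\D", "", match.group(0))
        if not luhn_ok(digits):
            return match.group(0)
        return "[PAN ****" + digits[-4:] + "]"

    text = PAN_RE.sub(mask_pan, text)
    return FIELD_RE.sub(lambda m: m.group(1) + m.group(2) + "[REDACTED]", text)


class ScrubFilter(logging.Filter):
    """Attach to every handler so nothing is written before it is scrubbed."""

    def filter(self, record):
        # Format first: the card number may arrive through the args, not the template.
        record.msg = scrub(record.getMessage())
        record.args = ()
        return True
```

Install it with `handler.addFilter(ScrubFilter())` on each handler. Masking at the source complements, and does not replace, authentication and encryption on the log store itself.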

Citrix Pwned….. Iran Connected Hackers May Have Scooped Up 10TB Of Data

Posted in Commentary with tags , on March 11, 2019 by itnerd

According to Resecurity president Charles Yoo, Citrix has been the victim of an absolutely epic hack where as much as 10 TB of data might have been stolen. Apparently the hack was focused on assets related to NASA, aerospace contracts, Saudi Arabia’s state oil company and the FBI. And Citrix CSIO Stan Black has written a blog post confirming the attack. Here’s the kicker: the hackers, who are tied to the Iranian government, used a technique called “password spraying” where attackers guess at weak passwords, and then work their way up to bigger attacks once inside. And speaking of being inside, the hackers might have been inside the Citrix network for as much as a decade before swiping all that data.

Yikes.

The FBI is investigating and I am sure, given what is known about this hack, heads inside the IT department should (if there is any decency in the world) be rolling as I type this. I say that because it’s one thing to be pwned by hackers. But it’s another thing entirely to be pwned for a decade without anyone noticing. That, my friends, illustrates that someone inside the Citrix IT department was truly asleep at the switch.
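Password spraying tends to slip past per-account lockout because each account sees only a guess or two, so it has to be detected per source instead. The following is an added example, not taken from Citrix or Resecurity, of that detection over authentication events; the log format, thresholds and sample lines are constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample events: "timestamp source_ip username result" (format is an assumption).
SAMPLE_LOG = """\
2019-03-11T09:00:05 203.0.113.7 alice FAIL
2019-03-11T09:00:41 203.0.113.7 bob FAIL
2019-03-11T09:01:17 203.0.113.7 carol FAIL
2019-03-11T09:01:52 203.0.113.7 dave FAIL
2019-03-11T09:02:30 203.0.113.7 erin FAIL
2019-03-11T09:03:02 203.0.113.7 frank OK
2019-03-11T09:10:00 198.51.100.9 bob FAIL
2019-03-11T09:10:09 198.51.100.9 bob FAIL
2019-03-11T09:10:20 198.51.100.9 bob FAIL
2019-03-11T09:10:31 198.51.100.9 bob OK
"""


def parse(text):
    """Yield (timestamp, source, user, succeeded) tuples from the sample format."""
    for line in text.splitlines():
        ts, src, user, result = line.split()
        yield datetime.fromisoformat(ts), src, user, result == "OK"


def detect_spray(events, window=timedelta(minutes=30), min_users=5, max_per_user=2):
    """Return {source: {"targets": [...], "logged_in": [...]}} for spray-like sources."""
    fails, wins = defaultdict(list), defaultdict(list)
    for ts, src, user, ok in sorted(events):
        (wins if ok else fails)[src].append((ts, user))
    alerts = {}
    for src, attempts in fails.items():
        start = 0
        for end, (ts, _) in enumerate(attempts):
            while ts - attempts[start][0] > window:
                start += 1  # slide the window forward
            per_user = Counter(u for _, u in attempts[start:end + 1])
            # Spray signature: many distinct accounts, only a guess or two at each.
            if len(per_user) >= min_users and max(per_user.values()) <= max_per_user:
                first = attempts[start][0]
                alerts[src] = {
                    "targets": sorted(per_user),
                    # A login from the same source after the spray began is triaged first.
                    "logged_in": sorted({u for t, u in wins[src] if t >= first}),
                }
                break
    return alerts
```

On the sample, `203.0.113.7` is flagged with `frank` listed as a login to investigate, while the repeated failures against `bob` from `198.51.100.9` are left to ordinary lockout handling.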

This Latest Data Breach Has 617 Million People Affected…. Sadly, That’s Not Big Anymore

Posted in Commentary with tags on February 13, 2019 by itnerd

Another day, another data breach. This time The Register has news on a data breach that affects….. wait for it…. At least 617 million accounts:

Some 617 million online account details stolen from 16 hacked websites are on sale from today on the dark web, according to the data trove’s seller.

For less than $20,000 in Bitcoin, it is claimed, the following pilfered account databases can be purchased from the Dream Market cyber-souk, located in the Tor network:

Dubsmash (162 million), MyFitnessPal (151 million), MyHeritage (92 million), ShareThis (41 million), HauteLook (28 million), Animoto (25 million), EyeEm (22 million), 8fit (20 million), Whitepages (18 million), Fotolog (16 million), 500px (15 million), Armor Games (11 million), BookMate (8 million), CoffeeMeetsBagel (6 million), Artsy (1 million), and DataCamp (700,000).

It’s been confirmed that the data breach is real and affected sites are alerting their users and taking measures to try and protect their users. And the fact that the data is up for sale means that the effects will go on for months and years. Still, it’s not as big as the data breach that involved 2.2 billion accounts that came to light earlier this year. But it is still scary.

As for how you can protect yourself, you can visit Hunt’s Have I Been Pwned service to see if you are affected by this breach.