If you thought you had data breach fatigue, prepare to be exhausted this week:
- Hacker tries to scam Internet with fake DropBox password database – DropBox refutes the claim, noting the “proof of hack” provided consisted of known stolen passwords from other sources.
- Kmart Hacked – Undisclosed Quantity of Credit Card Numbers Stolen – Sears-owned retail outlet may have been a victim of known point-of-sale malware “Backoff”, says no identity info stolen, just credit and debit card numbers.
- SnapChat denies it was source of potential racy photo leak – Third-party addon app “SnapSaved” blamed for providing an avenue for hackers to save pictures from SnapChat. SnapSaved admits to security breach, but downplays claims that hackers could provide a “searchable” database of photos.
- NATO Summit Gets Breached by Russian Hackers – Hackers whom security analysts believe to be Russian exploited a Zero-day flaw in Windows operating systems through a spearphishing campaign targeting Ukrainian government workers, leading to breaches on government servers and probably information leaks from Summit proceedings.
- Google Documents Flaw in SSL 3.0 Protocol – Google documents a serious flaw in encryption protocol SSL 3.0, immediately removes it from Chrome web browsers. Though outdated, SSL 3 is still widely used as a fallback protocol when newer protocols fail to function.
- 850K Records Exposed in Oregon Employment Dept Website Breach – State-run website exposes personal information on hundreds of thousands of job seekers. No financial information was exposed, but leaked info could lead to identity theft.