Wired: The Wired Guide To Data Breaches. “Think of data breaches as coming in two flavors: breaches of institutions that people choose to entrust with their data—like retailers and banks—and breaches of entities that acquired user data secondarily—like credit bureaus and marketing firms. Unfortunately, you can’t keep your information perfectly safe: It is often impossible to avoid sharing data, especially with organizations like governments and health insurers. Furthermore, in cases where a company or institution gives your information to an additional party, you’ve often agreed to sharing more data than you realize by clicking ‘I accept’ on a dense user agreement.”
Threatpost: 1-800-Flowers Becomes Latest Payment Breach Victim. “Those buying flowers for Mother’s Day or looking to send a plant for a birthday could find their thoughtful gestures reaping a crop of misery: Payment card data has been lifted from the Canadian online outpost of 1-800-Flowers, in an incident that has persisted for four years.” Since August 2014. That’s bonkers.
BBC: Quora says 100 million users hacked. “Question-and-answer website Quora has been hacked, with the names and email addresses of 100 million users compromised. The breach also included encrypted passwords, and questions people had asked.”
Krebs on Security: What the Marriott Breach Says About Security. “We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause is usually a failure to adopt the most important principle in cybersecurity defense that applies to both corporations and consumers: Assume you are compromised.”
The Verge: Someone hacked printers worldwide, urging people to subscribe to PewDiePie. “The fight over who gets to have the most-subscribed channel on YouTube spilled into the real world months ago when Felix ‘PewDiePie’ Kjellberg fans started campaigning to raise awareness of the Swedish star. The grassroots effort has, for the most part, been in good fun — but recently, people on social media have reported being hacked by someone who is urging them to subscribe to PewDiePie.”
Bloomberg: Marriott Hit by Starwood Hack That Ranks Among Biggest Ever. “The attack is troubling not just because of its sheer size, but also the level of detail potentially stolen by the attackers. The hack affects some 500 million guests, and for about 327 million of them, the data included passport numbers, emails and mailing addresses, Marriott said. Some credit card details may also have been taken.”
TechCrunch: Hackers are using leaked NSA hacking tools to quietly hijack thousands of computers . “More than a year after patches were released to thwart powerful NSA exploits that leaked online, hundreds of thousands of computers are unpatched and vulnerable. First they were used to spread ransomware. Then it was cryptocurrency mining attacks. Now, researchers say that hackers are using the leaked tools to create an even bigger malicious proxy network.”