Jul 162018

More impact of the Click2Gov breach reported previously on this site. ABC Fox reports:

The city says some customers that used its Click2Gov utility payment system in 2017 may have had their credit information stolen.

A press release from the city says customers who used Click2Gov to make utility payments between July 1, 2017 and Oct. 24, 2017 are at risk. They say the security breach came to their attention when some utility customers reported seeing fraudulent activity on the same cards they’d used to pay their bills.

The city says they started a lengthy investigation, and it took two cybersecurity firms to find evidence of a security breach.

Read more on ABC Fox.

Jul 112018

Julie Iles reports that estimates of the PageUp breach impact on BP applicants has increased significantly:

BP says a hack of its online recruitment portal has compromised the data of more job applicants than initially suspected.

BP has emailed about 60,000 people who applied for jobs in its retail stores since 2008 to notify them they could have had their personal information accessed by hackers. The company originally thought about 10,000 applicants’ data had been breached.

Read more on Stuff.

Jul 102018

On May 16, DataBreaches.net reported on a breach involving MedEvolve. The breach had been reported to this site by an independent researcher, who had found that some of MedEvolve’s clients’ patient information was exposed on a public FTP server with no login required.

The MedEvolve incident was included in the May statistics compiled for Protenus’s Breach Barometer report.

Now MedEvolve has issued a statement about the incident, which you can read in its entirety below.  I will be interested to see how this is reported to HHS. As of the time of this posting, the incident is not yet listed on HHS’s breach tool.

MedEvolve Provides Notice of Data Breach
Jul 102018

CCN reports:

Popular Ethereum wallet interface and token wallet MyEtherWallet is – yet again – at the center of a significant security breach and has warned its users utilizing a popular VPN to move their funds.

MyEtherWallet (MEW) is now reeling from its second major security compromise in under three months after claiming hackers compromised Hola, a free virtual private network (VPN) service, for a five-hour period that may have left Google Chrome users’ crypto wallets compromised for merely having installed the Hola extension.

The security compromise may have enabled hackers to monitor users’ activity if they had used their MEW wallets during the time period, the company warned, urging users to move their funds out of their existing wallets – if they still have access to their tokens.

Read more on CCN.

Jul 022018

Ed Targett reports:

The personal details of Costa Coffee and Premier Inn job applicants have been stolen after a data breach of owner Whitbread’s online recruitment system, run by Australia’s PageUp, the company confirmed today.

Bedfordshire-headquartered multinational Whitbread was hit after PageUp was hacked last month, in an incident that exposed the details of current and prospective employees.

Details exposed include name, email address, physical address, telephone number and employment information. A Whitbread spokesman told Computer Business Review: “We’re not disclosing the number potentially affected.”

Read more on CBR Online.

Another update on this breach (see other PageUp posts, too): Telstra as also freezed job ads.