Hackers offering around 80,000 users database for 1BTC
However, users of Cloudminr.io are recommended to change their passwords at any other service that uses the same combination of username and password as their Cloudminr account.
"I don't think your intention is to expose personal information about Gaana users, but to highlight a vulnerability," Gajwani added. "Consider it highlighted, and we're 100% on it. Can I request that you take down access to the data, and delete it completely?"
"I hereby confirm that no financial information was accessed during the hack of Gaana.com .. Database was so huge that I didn't even bother looking and no information was dumped and stored locally .. not even a single row," Mak Man said in a Facebook Post.However, even if the Hacker claims that he has not downloaded the Gaana.com database by exploiting the SQL injection vulnerability, doesn’t mean that nobody else has exploited the flaw, as the loophole in the website was open from last few months.
“AT&T’s commitment to customer privacy and data security are top priorities, and we take those commitments very seriously. We recently determined that employees of one of our service providers violated our strict privacy and security guidelines by accessing your account without authorization between April 9 and April 21, 2014, and, while doing so, would have been able to view your social security number and possibly your date of birth,” the letter says.
“AT&T believes the employees accessed your account as part of an effort to request codes from AT&T that are used to unlock AT&T mobile phones in the secondary mobile phone market so that those devices can then be activated with other telecommunications providers.”
"Due to the way the intruder extracted information from the database, we have detailed logs of what was accessed. The logs indicate that primarily moderator account names and credentials were targeted," reads the blog post.
Between July 22, 2013 and August 2, 2013, in connection with an unrelated criminal investigation, the FBI obtained a copy of a computer server located in France via a Mutual Legal Assistance Treaty request to France, which contained data and information from the Tormail email server, including the content of Tormail email accounts,” reads a portion of the criminal complaint against Roberson unsealed last week. “On or about September 24, 2013, law enforcement obtained a search warrant to search the contents of the Platplus Tormail Account, which resided on the seized Tormail server.
"Michaels said in its statement that it had "recently learned of possible fraudulent activity on some US payment cards that had been used at Michaels, suggesting that the company may have experienced a data security attack" company said.
We are concerned there may have been a data security attack on Michaels that may have affected our customers’ payment card information and we are taking aggressive action to determine the nature and scope of the issue.
A cracker managed to exploit a vulnerability in the forum software which made it possible to upload files and gave access to the forum database.The team explained, they are using single-sign-on system (Access Manager from NetIQ) that manage the real passwords.
Credentials for your openSUSE login are not saved in our application databases as we use a single-sign-on system (Access Manager from NetIQ) for all our services. This is a completely separate system and it has not been compromised by this crack. What the cracker reported as compromised passwords where indeed random, automatically set strings that are in no way connected to your real password.
Want the most interesting Hacking and Cyber Security News delivered automatically to your inbox? Subscribe to our FREE Newsletter and eBooks.
No Thanks, I'm not Interested in Hacking