Zappos Data Breach consolation might be the most egregious one yet

Back in 2011, I signed up for a Zappos account so I could buy pants for a wedding I was in. Then I returned them because they didn't fit. I ended up buying them at the local Macy's instead (although I bought the wrong shade of grey, oops).

That should have been the end of my relationship with Zappos. Until I received this email the other day:

Zappos put me at risk by exposing my data. And the best mea culpa they can offer is "Here's a discount so you can help us to increase our Q4 revenue!" That might be even pathetic than the $125 offering from Equifax. Equifax may have exposed more personal information, but unless I plan on buying a $2,000 pair of John Lobb boots from Zappos—thus giving $1800 back to the company that just screwed over my data—then I'm basically getting nothing.

To be clear, Zappos offer here has only been preliminarily approved by the court in charge of the settlement. If enough people say, "I'm not paying you to pay me financial damages," the judge may change their mind. But I wouldn't hold my breath. If the only consequence to expose customer data is increasing Q4 revenue, then there's never going to be any incentive for any company to give a shit about the personal information of the people who keep them in business. And that's not a healthy economy.

Image: Patrick Kitely/Flickr Read the rest

DoorDash data breach: 4.9 million customers, workers, and merchants' info stolen

Another data security disaster for 'food delivery on demand' startup DoorDash, and it's not their first. The company confirms a data breach, and says sensitive information belonging to 4.9 million individual customers, delivery workers, and merchants -- all stolen by hackers. Read the rest

Data Breach: Millions of Instagram 'influencers,' celebrities, and brands' data found online

A massive database hosted on Amazon Web Services (AWS) for Mumbai-based internet company Chtrbox that contained contact info for millions of Instagram accounts for influencers, celebrities and brands has been discovered leaked online. Read the rest

Millions of rehab records leak, including patient names – nearly 150,000 affected

There is a federal criminal investigation into Facebook's data-sharing deals

The Eastern District of New York empaneled a Grand Jury into the dirty data dealings of Facebook.

Was that huge 2017 Equifax data breach part of a nation-state spy scheme?

That massive Equifax data breach on September 7, 2017, shocked everyone, but a year and a half later, where the data of all those 143 million Equifax users ended up is still a mystery. Read the rest

NASA got hacked

It seems that we can't have nice, unhacked things. According to Gizmodo, someone has hacked NASA's personnel database to gain access to social security numbers and other personal information of the space agency's staff.

News of the security breach was only disseminated via memo to NASA's employees on December 18th, despite the fact that the agency became aware of the hack back on October 23rd.

From Gizmodo:

According to the memo, NASA is working with federal investigators to determine the extent of the breach and who might be responsible. It said that servers were accessed that contained the personal information of employees that worked at the agency between July 2006 and October 2018. The message was sent to inform employees to take the necessary precautions to prevent possible identity theft. It seems that investigators still haven’t narrowed down the employees who may have been effected, however the agency promised to notify individuals as that information becomes available.

When contacted for comment by Gizmodo, a NASA spokesperson could not say exactly how many employees’ information was potentially exposed, but they did confirm that the agency “does not believe that any agency missions were jeopardized by the intrusions.”

If anyone knows who's responsible for the hack, they're keeping their mouths shut about it. Hacking's so hot right now -- the breach could have been pulled off by anyone from a code-savvy lone-acting lady at a coffee shop to a high-falootin' government sponsored collective in Eastern Europe. Also, China. It'll be interesting to see what, if anything, is done with information that was obtained during the hack. Read the rest

Marriott hack blamed on China

That massive data breach that hit hotel group Marriott? Now there are clues the hackers behind it were working for a Chinese government intelligence gathering operation. Read the rest

Quora says data breach affects 100 million users

The question-and-answer sharing website Quora says about 100 million users were affected by a hack blamed on a “malicious third party.” Read the rest

Marriott-Starwood data breach: 500 million guests may be affected, hackers active since 2014

How bad is the Marriott/Starwood breach disclosed today? "Unauthorized access to the Starwood network since 2014 … For approximately 327M of these guests, the info includes some combination of name, mailing address, phone number, email address, passport number.”

Marriott says information from as many as 500 million people has been compromised, and credit card numbers and expiration dates of some guests may have been taken. Read the rest

Facebook: Hackers got (very) personal data from 29M users. FIND OUT if your info was breached.

The good news: Facebook downgrades the number of accounts hit in the breach they disclosed two weeks ago to 29 million, down from 50 million. The bad news: Uh, that's still a LOT. And if you were one of those 29 million Facebook users, A LOT of your intimate personal data was stolen. Read the rest

Facebook: 50 million users’ personal information exposed in mega breach

Facebook says an attack on its network left the personal information of some 50 million users—perhaps you?—exposed to hackers. Who were the hackers, and what did they want? Facebook doesn't know, or won't say. But the company has confirmed that execs Mark Zuckerberg and Sheryl Sanders were among the users affected.

“We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you,” Zuckerberg said about Facebook's Cambridge Analytica scandal earlier this year.

Well. You heard the man. Read the rest

MyHeritage leaks data of 92 million who use the genealogy and family tree website

A security breach affected the MyHeritage website, and leaked the personal information of over 92 million users, the Israeli company said Tuesday. Read the rest

Facebook gave user data to 'at least 4 Chinese companies,' including tech giant ID'd as security threat by U.S. intel

Despite Mark Zuckerberg's internal war on transparency, the Facebook data abuse reveals just keep on coming. Read the rest

SEC fines Yahoo (now Altaba) $35 million over massive data breach

How the once mighty have fallen. Read the rest

How did an Ohio inmate get prison administrators' usernames and passwords?

Ohio authorities are investigating how a prisoner obtained a list of the usernames and passwords for prison administrators. Read the rest

With faked degrees, U.S. tech official ran law enforcement data systems for years. Then he resigned, got a new gov job.

“A key Interior technology official who had access to sensitive systems for over five years had lied about his education, submitting falsified college transcripts produced by an online service.”

More posts