Categories Search

Daily hacking

Video Preview

Unidentified hackers breached travel records at the US Department of Defense, the US military said, reported Deutsche Welle (Germany).

The department uncovered the breach on October 4, but a defense official told the Associated Press news agency that it may have occurred months earlier. The perpetrators were able to gain access to the personal and credit card data of up to 30,000 workers, he added.

"The department is continuing to assess the risk of harm and will ensure notifications are made to affected personnel," the department said in a statement. It added that it was investigating the scale of the breach and the identity of the hackers.

The announcement came days after a US government report criticized the Department of Defense for slow progress in securing major US weapons systems from hackers.

Cybersecurity has become a high priority in the US military amid growing concerns about large-scale hacks from China and Russia. The department has said hackers attempt to breach its systems thousands of times a day.

***

Could hackers have been able to see the last person you cyberstalked, or that party photo you were tagged in? According to Facebook, the answer is “yes”, reported South China Morning Post (Hong Kong).

The social network said fewer users were affected in a security breach it disclosed two weeks ago than originally estimated – nearly 30 million, down from 50 million. Also, the company said hackers were not able to access more sensitive information like passwords or financial information. Also, third-party apps were not affected.

Still, for users already uneasy about the privacy and security of their Facebook accounts after a year of tumult, the details hackers did gain access to – gender, relationship status, hometown and other information – might be even more unsettling.

Facebook has been quick to let users check exactly what was accessed. But beyond learning what information the attackers accessed, there’s little users can do beyond watching out for suspicious emails or texts. Facebook says the problem has been fixed.

The company set up a webpage where its 2 billion users can check whether their accounts were accessed and what information was stolen, as well as how to spot and deal with suspicious emails or texts.

Facebook said the hackers accessed names, email addresses or phone numbers from these accounts. For 14 million of them, hackers got even more data – basically anything viewable on your account that any of your friends could see, and more. It’s a pretty extensive list: username, gender, relationship status, religion, hometown, self-reported current city, birth date, device types used to access Facebook, education, work, the last 10 places you checked into or were tagged in, your website, people or pages you follow and your 15 most recent searches.

An additional 1 million accounts were affected, but hackers did not get any information from them.

The company isn’t giving a breakdown of where these users are, but said the breach was “fairly broad”. It plans to send messages to people whose accounts were hacked.

Facebook said the FBI is investigating, but asked the company not to discuss who may be behind the attack.

The company said it has fixed the bugs and logged out affected users to reset those digital keys.

Facebook vice-president Guy Rosen told reporters on Friday that the company has not ruled out the possibility other parties might have launched smaller scale efforts to exploit the same vulnerability before it was disabled.

Patrick Moorhead, founder of Moor Insights & Strategy, said the breach appeared similar to identity theft breaches at companies including Yahoo and Target in 2013.

“Those personal details could be very easily be used for identity theft to sign up for credit cards, get a loan, get your banking password, etc,” he said. “Facebook should provide all those customers free credit monitoring to make sure the damage is minimised.”

Thomas Rid, a professor at Johns Hopkins University, also said the evidence, particularly the size of the breach, seems to point to a criminal motive rather than a sophisticated state operation, which usually targets fewer people.

“This doesn’t sound very targeted at all,” he said. “Usually when you’re looking at a sophisticated government operation, then a couple of thousand people hacked is a lot, but they usually know who they’re going after.”

show source

Rating: (0)
Location: Show map
Location: Show map
Tags: hacking
Share report:
Share on Facebook
If you want to buy or a sell a report
go to marketplace
Marketplace

Comment report: