Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: security curmudgeon (jerichoattrition.org)
Date: Thu Apr 16 2009 - 01:50:49 CDT
[Although the article uses "personal information", the focus is on
authentication credentials. It isn't clear the extent of the information
compromised on these sites. - jericho]
---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>
By Park Yu-mi, Kim Mi-ju
April 16, 2009
Two computer programmers were indicted yesterday on charges of hacking
into Web sites and obtaining personal data of 2.3 million persons and
using part of that information to post spam advertisements on Naver and
other Web sites.
According to investigators at the Seoul Central District Prosecutors’
Office, the pair allegedly hacked into more than 100 Web sites from
January 2008 until February of this year.
They targeted Web sites for games, florists, real estate agencies and used
car dealerships that have vulnerable security systems.
“They developed their own computer program to sort out whether some of
the users’ stolen IDs and passwords collected from various Web sites
were identical to Naver IDs and passwords,” said Roh Seung-kwon, the
prosecutor in charge of the case.
The suspects took advantage of the practice by some Internet users of
using the same ID and password to access different Web sites, he added.
Dataloss Mailing List (datalossdatalossdb.org)
CREDANT Technologies, a leader in data security, offers advanced data encryption solutions.
Protect sensitive data on desktops, laptops, smartphones and USB sticks transparently
across your enterprise to ensure regulatory compliance.