Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: security curmudgeon (jerichoattrition.org)
Date: Wed May 23 2012 - 18:13:07 CDT
---------- Forwarded message ----------
To: Infowarrior List <infowarriorattrition.org>
Begin forwarded message:
> From: Duane
> Hackers Impersonate Web Billing Firm's Staff To Spill 500,000 Users' Passwords And Credit Cards
> Andy Greenberg, Forbes Staff
> 5/22/2012 11:26AM
> British Web billing firm WHMCS is reeling from an attack that spilled
> its user accounts, deleted reams of data, temporarily took its site
> offline, and hijacked its Twitter feed?all seemingly the result of a
> smooth-talking hacker con.
> A WHMCS spokesperson wrote in a statement Tuesday morning that hackers
> had successfully impersonated him to fool the company?s Web host into
> giving them access to the company?s account details. ?This means that
> there was no actual hacking of our server,? the spokesperson wrote.
> ?They were ultimately given the access details.?
> The intruders, a hacktivist group that calls itself UGNazi, ultimately
> leaked a 1.7 gigabyte trove of data from the British web hosting firm
> that includes 500,000 users accounts according to the UK tech news site
> the Register, including some number of credit card details. The company
> wrote in an earlier statement that the hackers accessed both users?
> passwords and their payment details, and that both sets of data were
> encrypted, though company warned that the credit cards may nonetheless
> be at risk, and that users should change their passwords.
Dataloss Mailing List (datalossdatalossdb.org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list
Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
Tenable Network Security (http://www.tenable.com/)
Tenable Network Security provides a suite of solutions which unify real-time
vulnerability, event and compliance monitoring into a single, role-based, interface
for administrators, auditors and risk managers to evaluate, communicate and
report needed information for effective decision making and systems management.