‘The Sun’ Cautions Subscribers Following Hack into Its Site
According to a warning by The Sun, numerous readers who took part during competitions the newspaper organized on its Internet site may've had their private details exposed. NakedSecurity reported this on August 2, 2011.
The details apparently included names, addresses, birth dates as also other data that were published on the Pastebin site recently, said a hacker claiming his name as Batteye, according to whom, the intrusion was into the servers of Sun on July 19, 2011.
Fortunately, no financial information including credit card particulars seem as being compromised, although questions are sure to arise as to why there wasn't any safe storage of the sensitive details of competition entrants and other readers with strong encryption.
In this connection, Senior Technology Consultant Graham Cluley at Sophos said that the cyber-thieves who stole the data could well utilize it for attacking innocent people. He cited one example wherein an online-fraudster could send an e-mail to an applicant for certain beauty contest and deceptively make her believe that the message had been sent from the newspaper, while in reality it tried to grab more information or filch money. InfoSecurity published this on August 2, 2011.
Country Manager Ash Patel for Stonesoft, Ireland and UK stated that so far as he saw the hack, the most terrible aspect of it was that the infiltrators were capable of escaping with users' residential addresses putting them at great risk. InfoSecurity published this.
Patel further stated that hackers had acquired e-mail ids and birth-dates, which they could utilize for attacking users through the dispatch of phishing e-mails that could convince recipients towards viewing a malevolent file within an attachment and divulging their bank details, alternatively it could plant Trojans or malware on their computers.
Additionally, he said that while The Sun was in some form reassured that the attackers didn't steal any financial information, he thought, that hardly made a difference.
Meanwhile, security specialists state that it's extremely vital that employees are educated about online safety as eventually it's the company alone that's responsible for its safety and a security infringement is liable to result in severe reputation damage.
Related article: “Loopholes did not cause online banking thefts”: ICBC
» SPAMfighter News - 13-08-2011