Snapchat hacked. Millions of Accounts Compromised

(CNN) — Hackers appear to have posted account info for 4.6 million users of quickie social-sharing app Snapchat, making usernames and at least partial phone numbers available for download.

The data were posted to the website SnapchatDB.info. By late Wednesday morning, that site had been suspended.

The hack was seemingly intended to urge Snapchat to tighten its security measures. The anonymous hackers said they used an exploit created by recent changes to the app, which lets users share photos or short videos that disappear after a few seconds.

“Our motivation behind the release was to raise the public awareness around the issue, and also put public pressure on Snapchat to get this exploit fixed. It is understandable that tech startups have limited resources but security and privacy should not be a secondary goal. Security matters as much as user experience does,” the hackers said in a statement to technology blog TechCrunch.

http://www.cnn.com/2014/01/01/tech/social-media/snapchat-hack/index.html

Advertisements

Christmas Came Early For Hackers: 2 Million Social Media Accounts Hacked, Big U.S. Bank Data Stolen

Hackers Stole 2M Facebook, Google Passwords: How to Protect Your Accounts

Dec. 5, 2013

Any time you logged into Facebook, Google, Twitter, or a host of other popular web services the past month, there may have been a hacker peering over your digital shoulder, sneaking a peek at your password.

The information security company Trustwave has revealed that the passwords to 2 million different accounts have been compromised. The malware program Pony forwarded the vast majority of the passwords to a central server in the Netherlands.

John Miller, security research manager at Trustwave, said that the hack wasn’t due to a flaw in any of those company’s servers. “It was the individual users’ computers that had the malware installed on their machine,” he told ABC News. He adds that the unnamed hackers were most likely motivated by profit. “These passwords were never publicly posted. We can’t say for sure, but [the hackers] were probably going to sell them.”

http://abcnews.go.com/Technology/hacker-group-stole-million-stolen-facebook-google-passwords/story?id=21109910

 

JP Morgan Chase Hacked: 465,000 Card  Users’ Data Gone

JPMorgan Chase, one of the world’s biggest Banks has recently announced that it was the victim of a cyber attack and warned round 465,000 of its holders of prepaid cash cards on the possible exposure of their personal information.

In the Security Breach that took place on the bank’s website www.ucard.chase.com in July, around 465,000 accounts are compromised i.e. 2% of the overall 25 million UCard users. JPMorgan confirmed that there is no risk for holders of debit cards, credit cards or prepaid Liquid cards.
 
They informed the law enforcement in September, and till now no information on how attackers have conducted the attack has been disclosed.

http://thehackernews.com/2013/12/JPMorgan-Chase-bank-card-hacked_5.html 

RT Use VPN! Former ‘Most Wanted Hacker’ Mitnick talks Snowden, NSA, and privacy

Once the most-wanted hacker in the US, Kevin Mitnick, the cracker extraordinaire and virtual ghost in the wires, spoke with RT about NSA snooping, Snowden’s status as a whistleblower or traitor and the virtues of VPNs in our surveillance saturated world.

RT: We’ve got hundreds of people writing you on Twitter, and the most popular question is, ‘how can citizens protect data and communications while still using popular corporate software and services.

KM: Well it’s pretty scary, because now, with the revelations from Snowden, that allegedly the NSA has approached and partnered with a lot of companies to develop security software, to develop VPN [virtual private network] technology, they might have intentionally weakened this technology so they can intercept communications. But an average citizen, if they are not a terrorist, they are really not concerned about an intelligence agency intercepting communications, but more a criminal organization. So the first thing I’d recommend to the average person on the street is, whenever you’re out in the public, or you’re in a hotel like I’m in a hotel in Moscow, or using public wi-fi, is use a VPN service. Because what that immediately does is, it takes your data and it kind of puts it in an encrypted envelope so that people can’t really intercept and spy on that. So as a consumer I would think about using a VPN service, and they’re pretty cheap.

RT: But anything can basically be hacked.

KM: Everything can be hacked if your adversary has enough time, money and resources. And of course intelligence agencies have unlimited budgets.

RT: Is there any way to stop hackers, like making strict laws or a governmental department that will follow them? Is that possible?

KM: I don’t think so. Hacking has been going on since the 1960s and it hasn’t stopped yet. I mean I started hacking in the early 90s and it’s only gotten worse; it hasn’t gotten better.

RT: Another popular question on Twitter: Is it okay to bank online?

KM: Well, I look at it this way, like using my credit card over the Internet, I do it all of the time and at least I don’t really care if somebody steals my credit card number. Do you know why? Because at least in America, if there is any fraud on the account, I simply call up the bank and they take the charge off. I have to basically sign a letter, an affidavit that it wasn’t me, and the problem goes away. Now in some countries that might be different, where the consumer has the burden of proof, then I’d be a little bit concerned, but it’s really where does the liability lie? Does it lie with the consumer, does it lie with the merchant, does it lie with the bank?

RT: Could a boycott of tech gadgetry, like iPods, firms like Verizon and Google, who are giving our info to the NSA, deter them?

KM: No. I don’t think so. This is like the form of hacktivism where you have a group of individuals, whether its LulzSec or Anonymous, and they break into stuff and they try to get the media to cover the message they want to send, but at the end of the day it doesn’t really change the behavior of a government agency or a company. Basically, they go out and try to prosecute the guys. The thing that I have seen change, and I wouldn’t call Snowden an activist, I would call him a whistleblower, is because of his exposures of what the government has really been doing, now that has created change and debate and stuff like that. That’s the only time I have really seen it.

http://rt.com/op-edge/kevin-mitnick-vpn-network-775/