Security Breaches

Follow Marin Events

• HomeUpNeeded Gun Reform & Questions about guns in the United StatesTam School District to spend $450millionSave Santa Venetia from fireUSPS Petaluma replaced by OaklandWHAT ARE SPECIAL DISTRICTS2016 Election MeasuresABAG MTC Stifle DissentMarin's Law Suit against Fossil Fuel Corps.AB 2406 Junior Dwelling Unitsis a Marin Charter School being favored?Marijuana in MarinCut the Cord or just cut ComcastReverse MortgageNoisey NeighborSecurity BreachesSome ECLECTIC Shopping CatalogsMarin Bike Count - $28 Million WastedJohn Muir Transcription ProjectTRUE GOPHER STORYHigh Sierra Lakes •
•  •

Why you should keep your debit card at home 

Mathias Karlsson, an IT security researcher recently breached the security of popular password managers LastPass and reported the issue to the firm..  LastPass who fixed the flaw immediately and paid him $1000. In another case, Tavis Ormandy, a Google Security Team researcher exposed a message-hijacking bug that affected the LastPass Firefox addon.

2005 TJ Maxx, Marshalls 45 million credit cards
2009 Heartland Payment Systems 160 million
2011 SONY 100 million
2012 LinkedIn -- hundreds of millions of passwords
2013 160 million - JC Penney, 7-Eleven, Nasdaq, Dow Jones, JetBlue
2013 Global Payments 1.5 million
2013 JPMorgan Chase 465,000
2013 MySpace 360 million accounts
2013 Adobe 150 million,
2013 Target 40 million
2014 Michaels, SuperValu, Neiman Marcus and Sally Beauty
2014 Home Depot 56 million customer debit and credit cards,
2014 JPMorgan Chase compromised more than 76 million accounts.  óvia The New York Times
2014 Supervalu Inc. (SVU) and AB Acquisition LLC, the operator of the Albertsons supermarket chain.
2014 Sears Holdings Corp. (SHLD)ís Kmart -- Customer payment-card information was probably exposed
2014 Staples 1 million Credit Cards cardholder names, card numbers, expiration date, and verification codes. At 113 stores.
2014 YAHOO 500 million names, email address, birth dates, and scrambled passwords, along with encrypted or unencrypted security questions and answers. Did not include unprotected passwords  (Yet Yahoo is asking users to change passwords, and recommending anyone who hasn't done so since 2014) . Did not include information associated with payments or bank accounts. Yahoo waits till September 22 2016 to tell users to change their passwords!
2015 BlueCross, BlueShield  1.1 million names, birth dates, email addresses and subscriber information
2015 (discovered) Dec2013 - Apr2014, $1 billion cyberheist, 100 banks worldwide. Made fraudulent transfers and hijacked ATMs appear legitimate.
2015 Premera BlueCross BlueShield January 11.2 million subscribers - names, birth dates, Social Security numbers, bank account info, addresses & other info.
2015 password management company LastPass, email addresses, password reminders, user salts and authentication hashes.
2015 Army National Guard, Social Security numbers, home addresses and personal info of 850,000 National Guard members.
2015 Health Insurer Anthem 80 million patient and employee records. names, dob, SSNs, ID numbers, home addresses, email addresses, employment information, income data and more.....
2015 Government Office of Personnel Management, one of the biggest cyberattacks in history. 21.5 mil federal workers.
2015 Experian 15 million T-Mobile Customers Names, addresses, Social Security numbers, birthdates and driver's license numbers
2016 WENDYS Credit Cards in 1,025+ of its restaurants. A "service provider" had remote access to tills - Malware had been installed.
2016 AdultFriendFinder,, Penthouse, Stripshow, and -- 400 million usernames, emails, and passwords
2016 57 million Uber users around the world,  names, email addresses and mobile phone numbers,  driverís license numbers of around 600,000 drivers in the US. (disclosed Nov 2017)
2017 Uber, Fitbit, OkCupid and 1Password are among Cloudflareís millions of clients, and itís possible that personal data such as passwords and cookies leaked
2017 Equifax - 143 million American's ó Social Security numbers, birth dates and home addresses --disclosed Feb 2018: tax identification numbers, email addresses and driversí license information beyond the license numbers,
2018 ORBITZ purchases made by 880,00 customers in 2016 and most of 2017 - names, addresses, phone numbers, and email addresses, as well as other personal information.
2018 Under Armour 150 million MyFitnessPal app accounts (earlier this year). usernames and email addresses
2018, Apr SAKS, Lord & Taylor 5 MILLION  debit and credit cards used in stores ( not online) over one million of these cards have been sold already on the DARK WEB (Apr 2nd). 

That list is expected to grow even longer. The Department of Homeland Security warned that more than 1,000 U.S. retailers may have been infected with malware lurking in their payment systems.,2817,2474004,00.asp?mailingID=82C820B74C7C9369EE9D9317B6B0B744?mailing_id=1134846

After I canceled the debit card ( with a $500 max) that I was using to pay Adobe -- I went out and bought a cash card to pay them instead.
Unless you REALLY need to run up debt -- anyone using a credit card in a store, these days, is just plain ignorant. Carry and use CASH .

Mandiant Consulting seems to be the go-to Security Consultant .

 SESSION RECORDING: " records visitors' keystrokes, mouse movements, and scrolling behavior in real time, even before the input is submitted or is later deleted." data being sent letter-by-letter as it is typed. The userís full credit card number, expiration, CVV number, name, and billing address are leaked on this page. Email address and gift card numbers are among the other types of data leak

Corporations using  SESSION RECORDING:,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,