Weekly Breach Roundup
Restaurant Chain Reports Breach; U of Neb. Breach GrowsIn this week's breach roundup, the Penn Station restaurant chain reported a breach affecting 43 locations. Also, the impact of the University of Nebraska breach is wider than first reported.
See Also: Are You APT-Ready? The Role of Breach and Attack Simulation
Restaurant Chain Reports Card Breach
Penn Station Inc. has confirmed that 43 of its 235 U.S. restaurants may have been affected by a payments breach that exposed credit and debit details.
In a June 1 statement and list of frequently asked questions posted on Penn Station's corporate website, the restaurant chain identifies franchise locations in Illinois, Indiana, Kentucky, West Virginia, Michigan, Missouri, Ohio, Pennsylvania and Tennessee that may have been affected by the attack.
U of Nebraska Breach Grows
The impact of a University of Nebraska breach is wider than first reported. The incident also affected a database for the Nebraska State College System that stores student information from three state colleges.
Romney's E-mail Possibly Hacked
An unnamed hacker claims to have cracked Mitt Romney's personal Hotmail account by correctly answer the security question: "What is your favorite pet?" That's according to a tipster who alerted the website Gawker. Gawker alerted the Romney campaign, which issued a statement: "The proper authorities are investigating this crime and we will have no further comment on it."
Hacktivists Target China Telecom, Warner Bros.
Hacktivist group Swagger Security claims to have breached Internet service provider China Telecom and Warner Brothers, according to a message posted to Pastebin. During the cyber-attack, the hackers claim they were able to grab 900 administrative user credentials from China Telecom and critical "confidential" IT data and other miscellaneous items for Warner Brothers.
CloudFlare Founder's Gmail Account Hacked
Matthew Prince, founder of CloudFlare, a web performance and security company, reported on a security flaw in Google App's two-factor authentication process that allowed a hacker to gain control of his account. In a blog post, Prince explained that the hacker used Google's account recovery process to hijack his CloudFlare.com e-mail address, which is hosted through Google Apps. The blog doesn't explain if the breach affected other CloudFlare customers, but according to Prince, Google has since addressed the flaw.