Business Fined Quarter of a Million for Not Securing Customer Data

The Federal Trade Commission (FTC) has fined game developer $250,000 for, among other things, failing to adequately secure their customers’ user data. While the FTC slammed Rock You for COPPA (the Children’s Online Privacy Protection Act rule) violations, in part because RockYou collected information from children under the age of 13 without parental consent, the Feds made a point of noting that “the company’s security failures put users’ including children’s personal information at risk” while at the same time claiming that they had adequate security measures in place. Adequate security measures our foot! They stored their user data in plain – i.e. unencrypted – text! The FTC settlement and fine follows a 2 year investigation into the hacking of RockYou servers in 2009 which exposed the date of 32 million users.

Aaron Swartz, Co-Creator of RSS, Arrested for Stealing Free Documents from Computer System

Aaron Swartz, a co-creator of RSS , open access advocate, and author of the Guerrilla Open Access Manifesto, and now a researcher at Harvard, has been arrested for hacking into the JSTOR system. JSTOR, which stands for “Journal Storage”, is a system that archives academic journals, and makes them available to institutions and, in a more limited version, to the public.

Social Media Pillories “News of the World” as Parliament Investigates Hacking of Dead Girl’s Cell Phone Voicemail

Twitter is aflame with calls for boycotts of Rupert Murdoch, his ‘News of the World’, ‘News of the World’s’ parent company, ‘News International’, and other Murdoch holdings, as the investigation of News of the World’s using a private detective, Glenn Mulcaire, to hack into the telephone voicemail of several young girls who had been murdered in the U.K. in 2002, and that of their families, moves into Parliament. The families of Milly Dowler, Holly Wells, and Jessica Chapman have all been informed by police that each of their telephone voicemail accounts may have been hacked, each within days of each girl’s disappearance, and each by Mulcaire, trying to get a scoop for News of the World. Among other things, Mulcaire is alleged to have hacked into Milly Dowler’s voicemail on her mobile phone, and deleted some messages, which caused Milly’s family to continue to hope that she might be found alive when she had already been murdered, and which interfered with the police investigation. Calls for Rebekah Brooks, head of News International, and a personal friend of British Prime Minister David Cameron, to step down are escalating, putting the Prime Minister in an awkward position, particularly as his Communications Director, Andy Coulson, also formerly of News of the World, has already been forced to resign his position with the Prime Minister.

NATO Says it May Go After Wikileakers, and “Hacktivists” Including Hacktivist Group ‘Anonymous’

Earlier this month, the NATO Rapporteur (and we explain what that is) released a draft report addressing, among other things, the scope and impact of the leaking of the Wikileaks documents by Private Bradley Manning, the threats and actions by “hacktivists” (activist hackers engaging in “hacktivism”), including the hacker collective known as “Anonymous”, and what counter-measures NATO and other such bodies might take.

Why The Hacked Sony PlayStation Network (PSN) is a Big Deal Security Issue for You

Lots of you are asking lots of questions about the Sony PlayStation Network (“How was the Sony Play Station Network taken down?”, “Who hacked the the Sony PlayStation Network?”, “Is it true that it was done with rooted Sony PSP handhelds?”, and, perhaps most importantly, “Is the Sony PSN secure now?” To bring you up-to-date, if you are scratching your head right now, first, the Sony PlayStation Network (referred to in shorthand as the “PSN”) was taken down last month in a concerted cyber attack which, at first Sony claimed was down due to “maintenance” but, eventually, they admitted that a hacking attack had taken them down. The hacker or hackers also caused Sony’s Qriocity services to go down. Oh, and wait – it also extended to the Sony Online Entertainment network. In short, if you have ever completed any transaction online with Sony, you need to treat your identity and credit card information as compromised.

Google Battle with China Heats Up while China Pushes Red Text Messages to Create a More Wholesome Internet

As Google threatens to pull completely out of China, following allegations that the hack attacks against Google, code named “Operation Aurora” and first disclosed by Google last month, originated at two Chinese universities with strong governmental ties, the Chinese government is trying their own brand of shaping the Internet – by encouraging its citizens to send “red text messages”, also being referred to as “red snippets” and even “red jokes” (although they are not jokes). The Chinese term actually translates as “Red Duan” – ‘duan’ relating to measurement, such as a piece or stretch of time – in other words, a red era. According to authorities in China, the red text message – or red snippet – is intended to facilitate “the spirit of Chinese culture for an Internet age” and to combat the invasion of American culture. In the meantime, Google contemplates pulling out of China altogether after their discoveries in the wake of the Operation Aurora hacks, unless China agrees to allowing uncensored search.

Facebook Apps Gone Wild – Rampaging Phishing Facebook Applications Stealing Usernames and Passwords

A plague of rogue Facebook applications that are stealing user credentials – such as usernames and passwords – has been sweeping Facebook in the past week. The phishing Facebook apps work the same way that many other applications do – including sending an email to your Facebook friends, with links to click on, and when you type in your username and password, BAM! Your login credentials have been stolen.

Use Facebook and Gmail? Your Gmail Password May be at Risk!

If you use Gmail, and also use Facebook, it can be very easy for someone to password crack and access your Gmail account using Gmail’s recover password retrieval feature. This is because Gmail’s access password recovery feature allows anybody to guess the answer to your “forgot password” reset security question. And if the answer to your forgotten password reset security question happens to be information easily gleaned from your Facebook account (or some other social network information), then password hacking your Gmail account is as easy as typing in that password protection answer. (And we use the term “password protection” loosely.)

WordPress Comment Spam Hack Disables Plugins and Allows Massive Comment Spam Injection

A new hack has Wordpress hackers disabling all of your Wordpress plugins (including, you see, Akismet or any other anti-spam comment spam stopper plugin), which then allows them to inject comment spam into your blog at will. So if you suddenly find yourself getting an enormous amount of comment spam all at once, or if you suddenly find your blog pages coming up blank (because with your plugins disabled, that often can be the case) you may be the victim of this latest plugin-disabling comment spam hack.