Worst security snafus of 2012

By , Network World |  Security

" GoDaddy, which suffered a service outage that made many customers' websites inaccessible, said the outage was not the result of an external hacker, negating claims by a supposed Anonymous affiliate who had claimed responsibility.

" Dallas law enforcement authorities arrested self-professed Anonymous spokesman Barrett Brown in what appeared to have been a dramatic raid of his apartment while Brown was in the midst of a live online video chat session. The Dallas County Sheriff's Office confirmed the arrest and Brown was transferred to an FBI facility.

" A small New York-based company named Bitfloor, which specializes in exchanging Bitcoins, was forced offline after hackers stole about $250,000 worth of the virtual currency. Though later returned online, Bitfloor's founder Roman Shtylman called the hack "devastating," saying the cost well exceeded revenues he made since launching BitFloor in October 2011. He laid blame on himself, saying he had left the private keys needed to unlock and transfer Bitcoins on an unencrypted disk.

" Unknown attackers compromised a download mirror server for the SourceForge software repository, rigging the installer package for phpMyAdmin, a popular admin tool, with a backdoor. SourceForge is a Web-based collaborative software development and repository system that hosts more than 324,000 software development projects and serves 46 million users. The affected SourceForge mirror server was based in Korea and was compromised around Sept. 22, the SourceForge team said, which advised users to check for the phpMyAdmin software and upload a fresh copy.

" Facebook agreed to delete all facial recognition data it had collected from European users and switch off the feature by Oct. 15 after hearing complaints about it raised by privacy regulators in Ireland and Germany that contend storing facial data violates European data-privacy laws.

" The Federal Trade Commission said in a report chastising Facebook that for close to a year, Facebook operated a for-profit application security testing service that was little more than a sham, taking money from application developers with false promises to vet their creations for security holes. Instead, the FTC concluded that Facebook banked the money and put a "Facebook Verified App" logo next the application, without bothering to do any additional auditing of the submitted application. Facebook said it wouldn't comment on the FTC report.


" Hackers grabbed 300,000 records from Northwest Florida State College computer systems, including names, Social Security numbers and bank routing numbers of students, teachers, staff and retirees, the school disclosed, saying the data breach apparently occurred between May and September, resulting in the identify theft of at least 50 employees.

Originally published on Network World |  Click here to read the original story.
Join us:






Answers - Powered by ITworld

Ask a Question