Below are leaks that were reported last week.
Wendy’s Continued – Now over 1025 restaurants – Reported last week, leaked data was credit card data (maybe yours!) from transactions at Wendy’s restaurants. This breach began in the Fall of 2015 and wasn’t discovered until early this year. Wendy’s confirmed this week that even more restaurants are involved and you can now find out if the restaurant that you visited was hit using this handy web page. How nice of them.
Datadog – Number of records is undisclosed – Leaked data was usernames, passwords and e-mail addresses; all of them, apparently. Multiple servers at Datadog were breached, including a database server that housed the login info. Customer listed as Datadog users includes big dogs like Spotify, PBS, Slashdot, Samsung, Imgur, Coursera, The New York Times, and Ziff Davis. Passwords were stored using a unique salt for each password and then each password was encrypted with bcrypt which is resistant to brute-force attacks. Despite the strong storage methods used for the passwords, Datadog has invalidated all stored passwords and sent e-mails to all users with reset instructions. More info can be found from our friends at Sophos here. Yes, that’s a blatant plug.
Omni Hotels – Number of records is undisclosed – Leaked data includes Point of Sale (POS) data which includes credit card cardholder name, credit/debit card number, security code and expiration date. The data was discovered missing on May 30, 2016, according to Omni Hotels, which wrote up the breach details on their own website. The cause of the breach was due to malware that infected POS systems and only affected customers who physically presented their credit cards at one of the effected hotels between December 23 2015 and June 14 2016. More information can be found here.
Baton Rouge Police – 50,000 records – The contents of the leaked data were not disclosed, but the leak was due to a security failure in the police department’s website which allowed Bad Actors access to login credentials for a police Oracle database. The website operators have not confirmed the breach through outside security researchers claim they have. More information can be found here.
Ubuntu Forums – 2 million users – Leaked data includes usernames, email addresses, and IP addresses associated with the Ubuntu Forums. The attacker was able to exploit an SQL injection vulnerability in an add-on used by an older version of the vBulletin forum software used by Canonical, the folks that develop Ubuntu and run the forums. Ubuntu has wiped, rebuilt, and hardened the attacked servers, and passwords were changed. Also, the forum software was fully patched, which, and we can brag a bit here, would have already been fully patched had we managed their servers. Harrumph! More information, without the self-congratulatory tone, can be found here.