Hackers Take Aim at Census Employees, Compromise CVS Photo Customers, and Snoop on Epic Gamers

Northfoto/Shutterstock.com

Just another week in ThreatWatch, our regularly updated index of noteworthy data breaches.

In case you missed our coverage this week in ThreatWatchNextgov’s regularly updated index of cyber breaches:

Anonymous Leaks Internal Census Data to Protest Controversial Trade Deals

The Census Bureau, part of the Commerce Department, recently bore the brunt of grievances about a proposed Trans-Pacific Partnership and Transatlantic Trade and Investment Partnership.

Anonymous claims to have posted on an online bulletin board sensitive data found inside the U.S. population-tracking bureau’s systems. Census maintains the information is not private.

The stolen information allegedly includes employee names, email addresses, phone numbers and positions within the federal government. The bundle also contains password hashes – which are difficult, but not impossible, to crack.

Popular Gaming Forums Hacked

Any information stored or sent by members of many Epic Games forums might have been compromised. The company July 14, 2015 notified users by email that most of its gaming communities have been taken offline, because of a cyber breach.

The incident also may have compromised forum members’ usernames, email addresses, passwords, and dates of birth provided at registration.

The affected Epic Games site supports discussions for UDK, Infinity Blade, Gears of War, Bulletstorm, and prior Unreal Tournament games. Separate forum sites for Unreal Engine 4, Fortnite, and the new Unreal Tournament are safe.

According to ZDNet, outdated software may be to blame.
 
Breach that Hit Supplier of Popular Drug Stores Could Impact Online Photo Customers

A vendor based in Vancouver that hosts Walmart Canada and CVS photo sites, and collects customers’ payment information, has been hacked.

The attackers might have stolen credit card data from each vendor’s online photo processing website.

The two companies have temporarily shut down their online photo processing services and related mobile services.

The IT vendor, Staples-owned PNI Digital Media, also provides software for online photo processing services at Costco.

Blackmailers Hold Belgian Loan Application Records For Ransom

Hacker collective Rex Mundi allegedly stole 24,000 financial records from Belgian company AFC Kredieten.

If the loan business didn’t pony up by July 17, at 8 p.m., the group had threatened to publish every loan applicant record in its possession.

The extortion marks the 18th time the blackmailers have promised to reveal business data. According to the collective, “the companies we targeted have only one thing in common: mediocre IT security protocols or poorly-designed Web applications.”

(Image via Northfoto/ Shutterstock.com)