5 million payment card details stolen in painful reminder to monitor Christmas spending


Another day, another exposed S3 bucket. This time, 5 million US credit cards and personal details were leaked online. The Leakd.com security team discovered that 5 terabytes of sensitive screenshots were exposed in a freely accessible Amazon S3 bucket.

An S3 bucket is like a virtual file folder in the cloud where you can store various types of data, such as text files, images, videos, and more. There is no limit to the amount of data you can store in an S3 bucket, and individual instances can be up to 5 TB in size. In this case we don’t know who’s behind the leak, although it seems clear from the screenshots that it’s a phishing operation and the credit and debit card information was exactly the data they were after.

Read more…
Source: Malwarebytes Labs


Sign up for our Newsletter


Related:

  • Yahoo offers new details on breaches to Senate committee

    February 28, 2017

    Since Yahoo disclosed two mega-breaches late last year, its executives have met almost daily with CEO Marissa Mayer for working sessions focused on improving the company’s cybersecurity posture. Employees have also received weekly security presentations from Yahoo CISO Bob Lord at the company’s all-hands meetings. The new working sessions and briefings are part of an ...

  • Boeing Notifies 36,000 Employees Following Breach

    February 27, 2017

    A Boeing employee inadvertently leaked the personal information of 36,000 of his co-workers late last year when he emailed a company spreadsheet to his non-Boeing spouse. News of the breach surfaced earlier this month after a letter (.PDF) from Boeing’s Deputy Chief Privacy Officer Marie Olson, to the Attorney General for the state of Washington Bob ...

  • How to Bury a Major Breach Notification

    February 21, 2017

    Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall importance. The report detailed a malware campaign that piggybacked on a popular piece of software used by system administrators at some of the ...

  • Why Cybersecurity Should Be The CFO’s Job

    January 31, 2017

    Cyber risk is a 21st century business reality and something that can’t be ignored. The sheer pervasiveness of these risks, matched with the evolution into far more complex attacks, means the C-Suite has to get serious about managing cybersecurity. I sat down with Steffan Tomlinson this month, CFO of Palo Alto Networks, who explains why ...

  • Last Year’s Data Breaches Exposed 4.2 Billion Records, Most from America

    January 26, 2017

    The United States was the main target of hacker attacks last year, resulting in a record number of data breaches. According to a report from Risk Based Security, during 2016 there were 4,149 data breaches which resulted in the exposure of 4.2 billion records. Nearly half, or more specifically 47.5%, of the breaches that exposed user ...

  • Yahoo Under SEC Investigation for Taking too Long to Reveal Data Breaches

    January 23, 2017

    Yahoo is in big trouble with US authorities due to how it handled the massive data breaches it disclosed last year, more specifically its failure to inform investors of the issues at an earlier time. The United States Securities and Exchange Commission (SEC) has launched an investigation, the Wall Street Journal reports, which is yet in ...