been-the-victim – Tech Today w/ Ken May

Enlarge (credit: Royal Australian Air Force) The Australian Cyber Security Centre noted in its just-issued 2017 Threat Report that a small Australian defense company “with contracting links to national security projects” had been the victim of a cyber-espionage attack detected last November. “ACSC analysis confirmed that the adversary had sustained access to the network for an extended period of time and had stolen a significant amount of data,” the ACSC report stated. “The adversary remained active on the network at the time.” More details of the breach were revealed on Wednesday at an IT conference in Sydney. ASD Incident Response Manager Mitchell Clarke said, “The compromise was extensive and extreme.” The attacker behind the breach has been internally referred to at the Australian Signals Directorate as ” APT Alf ” (named for a character in Australia’s long-running television show Home and Away , not the US television furry alien). Alf stole approximately 30 gigabytes of data, including data related to Australia’s involvement in the F-35 Joint Strike Fighter program, as well as data on the P-8 Poseidon patrol plane, planned future Australian Navy ships, the C-130 Hercules cargo plane, and the Joint Direct Attack Munition (JDAM) bomb. The breach began in July of 2016. A spokesperson for the US Department of Defense’s F-35 Joint Program Office confirmed the breach to Defense News , stating that the Office “is aware” of the breach. The spokesperson reiterated that no classified data was exposed. Read 7 remaining paragraphs | Comments

See the original article here:
Australian defense firm was hacked and F-35 data stolen, DOD confirms

Hackers stole credit card information from customers at Chipotle restaurants across the United States between March 24th and April 18th, the company announced today. Chipotle revealed in April that it had been the victim of an attack, and today it shared details about the type of information stolen from customers, which covered “cardholder name in addition to card number, expiration date, and internal verification code.” No other information was compromised, Chipotle said. The attack pulled data off the magnetic strips of credit cards used in physical Chipotle locations around the US. The company has not said how many customers were affected, though it offered a searchable list of locations that were actually hit in the attack, including the dates each restaurant was vulnerable. Some were compromised for about a week, and others for the full four weeks. If you swiped a credit card at a Chipotle in March or April, check out the list of affected restaurants right here . “Because of the nature of the incident and the type of data involved, we do not know how many unique payment cards may have been involved, ” Chipotle spokesperson Chris Arnold told Engadget. As Reuters notes, Chipotle is not offering credit monitoring services to compromised customers. The company said monitoring services don’t alert customers when a fraudulent charge is made in their name. “Chipotle takes this kind of issue very seriously, and we regret any inconvenience or concern it may have caused, ” Arnold told Engadget. “To help prevent a similar incident from recurring, we have resolved the issue and continue to work with cyber security firms to evaluate ways to enhance our security measures.” Source: Chipotle

View original post here:
Chipotle finds malware exposed credit card info across the US