Hyatt Hotels has suffered a second card data breach in two years. In the first breach, hackers had gained access to credit card systems at 250 properties in 50 different countries. This time, the breach appears to have impacted 41 properties across 11 countries. Krebs on Security reports: Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017. “Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, which included engaging leading third-party experts, payment card networks and authorities, ” the company said in a statement. “Hyatt’s layers of defense and other cybersecurity measures helped to identify and resolve the issue. While this incident affects a small percentage of total payment cards used at the affected hotels during the at-risk dates.” The hotel chain said the incident affected payment card information — cardholder name, card number, expiration date and internal verification code — from cards manually entered or swiped at the front desk of certain Hyatt-managed locations. It added there is no indication that any other information was involved. Read more of this story at Slashdot.
Continue Reading:
Hyatt Hotels Discovers Card Data Breach At 41 Properties Across 11 Countries
An anonymous reader shares a report: A contractor doing maintenance work at a British Airways data centre inadvertently switched off the power supply, knocking out the airline’s computer systems and leaving 75, 000 people stranded last weekend, according to reports. A BA source told The Times the power supply unit that sparked the IT failure was working perfectly but was accidentally shut down by a worker. Read more of this story at Slashdot. 
New submitter evolutionary writes: Plutus Payroll, an Australian payroll company, is refusing to pay contractors due to a dispute with companies using their services. Around 1, 000 IT workers are unable to receive payment for services rendered. One may ask, “Where are the companies who actually hired the IT workers?” The Register reports: “This story starts with Australia’s employment laws, which see lots of contractors officially employed by recruitment companies or payroll companies. The company at which the contractor works likes this arrangement as it means they don’t have to put such people on their books. Recruitment companies and payroll companies charge for the service. Contractors generally like the convenience of having one employer even though they hop from gig to gig. The system requires fluid payments. Companies who hire contractors pay the recruiter, which either pays contractors direct or pays the payroll company contractors prefer. If the cash stops flowing, contractors get crunched. That’s what’s happened to around 1, 000 contractors who elected to use Plutus as their paymasters: the company says it is in the midst of a completely unexplained ‘dispute’ that leaves it unable to pay contractors, or receive money from recruitment companies, but is still solvent. The Register has checked with the bank that Plutus clients say sends them their money — the bank says it is aware of no dispute. One possible reason for the mess is that Plutus did not charge for its services. How it made money is therefore a mystery. Another scenario concerns the company’s recent acquisition: perhaps its new owners are being denied access to some service Plutus could access as a standalone company. Plutus is saying nothing of substance about the situation. A spokesperson tells us the company deeply regrets the situation but won’t divulge anything about the dispute and has offered no details about when contractors can expect resolution.” Read more of this story at Slashdot. 
A drum full of radioactive waste exploded at the Waste Isolation Pilot Plant in New Mexico last February, sparking serious safety concerns about the U.S.’s only longterm nuclear storage site. A yearlong government investigation has officially fingered the long-suspected culprit: kitty litter. Read more… 
SpzToid (869795) writes The state of Oregon sued Oracle America Inc. and six of its top executives Friday, accusing the software giant of fraud for failing to deliver a working website for the Affordable Care Act program. The 126-page lawsuit claims Oracle has committed fraud, lies, and “a pattern of activity that has cost the State and Cover Oregon hundreds of millions of dollars”. “Not only were Oracle’s claims lies, Oracle’s work was abysmal”, the lawsuit said. Oregon paid Oracle about $240.3 million for a system that never worked, the suit said. “Today’s lawsuit clearly explains how egregiously Oracle has disserved Oregonians and our state agencies”, said Oregon Atty. Gen. Ellen Rosenblum in a written statement. “Over the course of our investigation, it became abundantly clear that Oracle repeatedly lied and defrauded the state. Through this legal action, we intend to make our state whole and make sure taxpayers aren’t left holding the bag.” Oregon’s suit, alleges that Oracle, the largest tech contractor working on the website, made falsely convinced officials to buy “hundreds of millions of dollars of Oracle products and services that failed to perform as promised.” It is seeking $200 million in damages. Oracle issued a statement saying the suit “is a desperate attempt to deflect blame from Cover Oregon and the governor for their failures to manage a complex IT project. The complaint is a fictional account of the Oregon Healthcare Project.” Read more of this story at Slashdot. 
alphadogg (971356) writes with news that the SSA has joined the long list of federal agencies with giant failed IT projects. From the article: “Six years ago the Social Security Administration embarked on an aggressive plan to replace outdated computer systems overwhelmed by a growing flood of disability claims. Nearly $300 million later, the new system is nowhere near ready and agency officials are struggling to salvage a project racked by delays and mismanagement, according to an internal report commissioned by the agency. In 2008, Social Security said the project was about two to three years from completion. Five years later, it was still two to three years from being done, according to the report by McKinsey and Co., a management consulting firm. Today, with the project still in the testing phase, the agency can’t say when it will be completed or how much it will cost. Read more of this story at Slashdot. 
