A total of 32 lakh (3.2 million) debit cards across 19 banks could have been compromised on account of a purported fraud, the National Payment Corporation of India said in a statement. BloombergQuint adds: “The genesis of the problem was receipt of complaints from few banks that their customer’s cards were used fraudulently mainly in China and USA while customers were in India, ” the NPCI said. “The complaints of fraudulent withdrawal are limited to cards of 19 banks and 641 customers. The total amount involved is Rs 1.3 crore as reported by various affected banks to NPCI.” SISA Security, a Bengaluru-based company is currently undertaking a forensic study to identify the extent of the problem and will submit a final report in November. Initial reports had suggested that ATMs operated by Hitachi Payment Services had been attacked by malware and were the source of the breach. However, the company has said in a statement that an interim report by the audit agency does not suggest any breach or compromise in its systems. Read more of this story at Slashdot.
Read the article:
India’s Biggest ATM Breach? 3.2 Million Debit Cards Across 19 Banks May Have Been Compromised
Okian Warrior writes: Martin Gottesfeld of Anonymous was arrested in connection with the Spring 2014 attacks on a number of healthcare and treatment facilities in the Boston area. The attacks were in response/defense of a patient there named Justina Pelletier. Gottesfeld now explains why he did what he did, in a statement provided to The Huffington Post. Here’s an excerpt from his statement: [Why I Knocked Boston Children’s Hospital Off The Internet] The answer is simpler than you might think: The defense of an innocent, learning disabled, 15-year-old girl. In the criminal complaint, she’s called ‘Patient A, ‘ but to me, she has a name, Justina Pelletier. Boston Children’s Hospital disagreed with her diagnosis. They said her symptoms were psychological. They made misleading statement on an affidavit, went to court, and had Justina’s parents stripped of custody. They stopped her painkillers, leaving her in agony. They stopped her heart medication, leaving her tachycardic. They said she was a danger to herself, and locked her in a psych ward. They said her family was part of the problem, so they limited, monitored, and censored her contact with them…” Read more of this story at Slashdot. 
Want to know why phishing continues to be one of the most common security issue? Half of the people will click on anything without thinking twice ArsTechnica reports: A study by researchers at a university in Germany found that about half of the subjects in a recent experiment clicked on links from strangers in e-mails and Facebook messages — even though most of them claimed to be aware of the risks. The researchers at the Friedrich-Alexander University (FAU) of Erlangen-Nuremberg, Germany, led by FAU Computer Science Department Chair Dr Zinaida Benenson, revealed the initial results of the study at this month’s Black Hat security conference. Simulated “spear phishing” attacks were sent to 1, 700 test subjects — university students — from fake accounts. The e-mail and Facebook accounts were set up with the ten most common names in the age group of the targets. The Facebook profiles had varying levels of publicly accessible profile and timeline data — some with public photos and profile photos, and others with minimal data. The messages claimed the links were to photos taken at a New Year’s Eve party held a week before the study. Two sets of messages were sent out: in the first, the targets were addressed by their first name; in the second, they were not addressed by name, but more general information about the event allegedly photographed was given. Links sent resolved to a webpage with the message “access denied, ” but the site logged the clicks by each student. Read more of this story at Slashdot. 
Prominent technology blog TechCrunch — which is often cited on Slashdot — has become the latest victim of the OurMine hacking group. The notorious group gained access to Seattle-based writer Devin Coldewey’s account, and posted the following message earlier today: “Hello Guys, don’t worry we are just testing techcrunch security, we didn’t change any passwords, please contact us.” The post was then promoted as a ticker, the top banner in red and as the main story on TechCrunch’s front page. BetaNews adds: The OurMine website says that the group offers “top notch vulnerability assessment”, so it’s possible that the hack was little more than a PR stunt touting for business. It did not take TechCrunch long to notice and remove the story (and presumably change a series of passwords…) but the site is yet to issue a statement about what has happened. Read more of this story at Slashdot. 