Archive for May 31, 2015

Copart.com hacked, requests all members to change passwords


Copart, a Texas-based company which provides online vehicle auction and remarketing services, is urging its member to change their password for their Copart.com account after the company discovered that an authorized person gained access to its computer network.


“As part of our efforts to address the problem, the Copart is requiring all members to change the password for their Copart.com account,” Sean Eldridge, senior vice-president & chief operating officer at the Copart, wrote in a letter.


“If you have not already recently been required to reset your password, simply sign into your Copart account and go to the Change Password option under the My Account tab. Also, if you use the same username and password for any other account, we recommend that you change your password there as well,” he added.

On 31 March 2015, when the company identified that the unauthorized person accessed to its network, the company immediately worked to block any further unauthorized access.

A leading cyber-security firm has been hired for the investigation. It helps the company to help determine what had happened to the company’s system and to assists in implementing enhanced security measures.

“Based on the investigation, we determined that the unauthorized person may have accessed the member’s name, address, driver’s license number, telephone number, e-mail address, and the username and password for their Copart.com account,” said Eldridge.

In order to protect, the company has recommended its members to remain vigilant by reviewing their account statements and credit reports for any unauthorized activity.

Similarly, the members can also get a copy of their credit report, free of charge, in every 12 months from each of the three nationwide credit reporting companies: Equifax, Experian and TransUnion.

According to the letter, in order to order the free credit report, the members should visit www.annualcreditreport.com or call toll free at 1-877-322-8228.

Eldridge said that if any member believed that his/her personal information has been misused, he/she should immediately contact the Federal Trade Commission and/or the attorney general’s office in respective Home State.

Data breach at IRS, taxpayers data at risk

The IRS put out a statement saying that criminals had breached the confidential data of approximately a 100,000 people.

The hackers used sensitive data acquired from non-IRS sources - including Social Security Numbers, Date of Births and street addresses - to clear the multi-level security system of the IRS which includes verification through personal questions.

In total, the IRS has said there were 200,000 attempts to get data from their servers. The IRS will provide free credit monitoring service to those affected by this breach of data.

The IRS got to know a couple of weeks back that unusual activity was happening on their servers and that is how they discovered the breach of data.

The 'Get Transcript' feature was shut down temporarily by the IRS to gauge the estimate of the damage caused by the breach.

Indian online music streaming service Gaana website hacked by Pakistani hackers


Indian online music streaming service Gaana website has been hacked by Mak Man, Lahore, Pakistan, based hackers. Hacked database contains more than 12.5 million registered users.

The hackers posted a searchable  link of the database on his Facebook account. After once  entering  a user’s email address, the database opens containing their full name, email address, MD5-hashed password, date of birth Facebook and Twitter profiles and more.

Company issued a guidelines to their users  advised them to deactivate their account until the issue is resolved, and change their email, Facebook and Twitter passwords if they’re the same as on Gaana right away, because changing password of Gaana website won‘t help, as it gets updated in database.

Times Internet CEO Satyan Gajwani tweeted that only login credentials were accessed and no financial or sensitive personal data was leaked.

The hackers has removed the exposed database on Gajwani’s request, and  all Gaana users’ passwords have been reset.

Vancity urges its customer to change their debit cards

Hundreds of customers of Vancouver City Savings Credit Union, popularly known as Vancity which is one of the largest community credit unions in Canada, have been requested to change their debit cards and get a new one after their debit card numbers were stolen while making purchases in Metro Vancouver.

The Vancity on May 23 confirmed that account of more than 1,000 of its customers have been affected and other bank customers may also have been affected by the serious banking breach at two local retailers.

According to a report published on CTV Vancouver, Darwin Sauer, spokesperson at the Vanicity, said that they found out on May 23 from Central One, their card provider that two Vancouver-area retailers had their card machines compromised as a result of a skimming operation, under which stealing of customer’s account information like PIN numbers is done.

“This could mean any customer who used those card machines or had their card go through those machines could have had their card compromised,” Sauer told to CTV Vancouver.

According to the company, a total of 1,200 its customers used their debit cards at the unnamed locations and only two people have notified the credit union about questionable transactions.

In order to protect its customers, the Vancity has placed limits on the 1,200 cards that may have been compromised and contacted the customers who will need to get new cards.

Sauer said people can protect their accounts from such fraud by changing their PIN regularly and shielding their PIN when entering it.

Top secret Saudi documents hacked and released to public

A group of hackers from Yemen have put out a message saying that they have hacked the servers of Saudi Arabia's Interior, Defense and Foreign and gained access to thousands of top secret documents.

"We have gained access to the Saudi Ministry of Foreign Affairs (MOFA) network and have full control over more than 3000 computers and servers, and thousands of users. We also have access to the emails, personal and secret information of hundreds of thousands of their staff and diplomats in different missions around the world," the Yemen Cyber Army (the hackers) said in a statement which has been published on many hacking related websites.

The group has published some of the documents online and have threatened the Saudi government that they would inflict greater damage on them by releasing more documents, archived since the 1980s.

The group has said that it will wipe the servers of the Foreign Ministry of Saudi Arabia at midnight on Wednesday.

The Yemen Cyber Army has been previously known for hacking AlHayat.com.