Houston, we have a problem, Quora has an enormous breach and we have a new movie pitch for you! It’s all this and more in The Month in Hacks.
NASA notifies employees of potential personal information data breach
On December 18, NASA confirmed at least one of the agency’s servers was hacked in a breach that may have compromised current and former employee information. The data breach was discovered October 23, but it is common for hacked organizations to be asked to delay notification during the investigation period.
The agency has since secured its servers and all affected employees, past and present, will be notified and offered identity theft protection services. NASA is reviewing its processes and procedures in a continued effort to secure all servers.
Massive Quora hack – 100 million users affected
The question and answer site Quora confirmed early in December that a system hack left account information, public content and actions, and non-public content and actions compromised. A malicious third-party gained unauthorized access to servers and stole the data of almost half of their user base – approximately 100 million users. An official question and answer page has been provided by Quora where you will find detailed information about the data breach and what users should do.
Google+ will shut down 4 months early after Google discovered a 2nd bug affecting user data for more than 52 million
On Monday, Google announced that it would be shutting down Google+ four months early after another bug involving user data was discovered in November.
The company said 52.5 million users were affected by this issue, which exposed information including names, email addresses, occupations, and ages, between November 7 and November 13. Google said it has fixed the bug and will begin contacting those whose information has been compromised.
Eastern European banks lose tens of millions of dollars in Hollywood-style hacks
Cyber-criminal gangs are believed to have stolen tens of millions of dollars from at least eight banks in Eastern Europe using tactics usually seen only in Hollywood movies.
These “hacks” consisted of cyber-criminals entering bank offices to inspect and then leave malicious devices connected to the bank’s network.
Russian cyber-security firm Kaspersky Lab, which was called to investigate some of these mysterious cyber-heists, says it found three types of devices at central or regional offices at the eight banks it reviewed.
These included cheap laptops, Raspberry Pi boards, or malicious USB thumb drives known as Bash Bunnies.