23 May 2015


The UK Independent reports on yet another data breach (with the standard response from the database owner).

This time it is Adult FriendFinder, with the a hacker supposedly exposing "the personal and sexual details of nearly 4 million users on one of the world-leading dating sites".

The data reportedly includes sexual orientation, preferences, partnership status, names, email addresses, postcodes, dates of birth and IP addresses. The coverage includes data regarding previous members who had deleted their accounts.

The service is claimed to have  63 million users

FriendFinder Networks Inc understands and fully appreciates the seriousness of the issue. 
We pledge to take the appropriate steps needed to protect our customers if they are affected.
Meanwhile the NY Times reports on another health sector breach in the US -
CareFirst, a Blue Cross Blue Shield plan, on Wednesday became the third major health insurer in the United States to disclose this year that hackers had breached its computer systems and potentially compromised some customer information. 
The attack could affect as many as 1.1 million of its customers, but CareFirst said that although the hackers gained access to customer names, email addresses and birthdates, they did not obtain sensitive financial or medical information like Social Security numbers, credit card information and medical claims. The company, which has headquarters in Maryland and serves the Washington area, said the attack occurred in June and described it as “sophisticated.” 
Chet Burrell, CareFirst’s chief executive, said the company contacted the Federal Bureau of Investigation, which is investigating attacks against the insurers Anthem and Premera. … 
Federal officials have yet to label the breaches at Anthem and Premera Blue Cross as state-sponsored hackings, but the F.B.I. is effectively treating them as such, and China is believed to be the main culprit, according to several people who were briefed on the investigations but spoke on the condition of anonymity. There are indications the attacks on Anthem, Premera and now CareFirst may have some common links. … 
The Breaches at Anthem, which is one of the nation’s largest health insurers and operates Blue Cross Blue Shield plans, and Premera Blue Cross, based in Washington State, were much larger. The one at Anthem may have compromised the personal information of 79 million customers and the one at Premera up to 11 million customers. 
Anthem has said the hackers may have stolen Social Security numbers but did not get access to any medical information. Premera said it was possible that some medical and bank account information may have been pilfered.