News in brief: cryptocurrency exchange hacked; laptop ban further eased; AA under fire over data breach

Your daily round-up of some of the other stories in the news

Bithumb exchange hacked

Hard on the heels of the news that users of Classic Ether Wallet had had their wallets emptied thanks to a domain hijacking came news of another cryptocurrency heist, with South Korean users of Bithumb, one of the world’s largest cryptocurrency exchanges, the hardest hit.

Bithumb, which is South Korea’s largest Bitcoin and Ethereum exchange, said it would compensate users after the site’s data after announcing that the personal details of more than 30,000 of its users were stolen in a data breach.

Bithumb initially said in a blog post (in Korean) that it would cover losses of up to 100,000 Won ($87), but some victims may well have had much more stolen, with one user claiming to have had 1.2bn Won taken.

The breach is thought to date from February, with Bithumb only discovering it and reporting it to the authorities in June. Coindesk reported that both the Korea Internet and Security Agency and the Korea Communications Commission were involved in the investigation.

More airlines end laptop ban

More good news for travellers to the US as two more Middle Eastern airlines said that they had lifted the laptop ban on its flights to the United States. The ban on devices bigger than a smartphone has been scrapped with immediate effect, said both Emirates and Turkish Airlines on Wednesday.

Emirates, which flies to 12 American cities, told the BBC that it had worked with US officials to meet new security standards at its Dubai hub, while Istanbul airport, Turkish Airlines’ home, has also tightened up its security screening.

Neither airline went in to any detail about the heightened security measures, but the BBC reported that officials from both the US and the UK – which also has a similar ban in place on electronic devices in the cabin – had visited Istanbul airport earlier this week.

Etihad said at the weekend that its flights from its Abu Dhabi hub were now exempt from the ban, which leaves flights from Qatar, Morocco, Jordan, Egypt, Saudi Arabia and Kuwait still affected by the ban.

AA under fire over breach

The AA is under fire for the way it handled a data breach in April that exposed 13GB of data comprising the details of more than 100,000 customers of the motoring organisation’s online shop. The cache was visible online for a few days before the AA took it down, saying at the time that no sensitive information had been exposed.

However, security researcher Troy Hunt analysed the cache and found that it revealed the email addresses, names, credit card expiry dates and the final four digits of those cards, and told the BBC that he had confirmed that the details did indeed belong to “customers of the AA and they never received a notification about the data exposure”.

The AA blamed a “server misconfiguration” and at the time said it takes “any data issues incredibly seriously and would like to reassure our AA Shop customers that their payment details have not been compromised”.

This is the second time in the space of a fortnight that the AA has under the spotlight: last week it emailed its members a warning to reset their passwords, which the recipients duly went ahead and did – and promptly crashed the AA’s servers.

Catch up with all of today’s stories on Naked Security


from Naked Security – Sophos http://bit.ly/2tMS9MZ
via IFTTT

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s