up to 1 million records online that contained names, addresses, fragments of Social Security numbers and data related to vehicle loans, according to a researcher's report. The data comes from Alliance Direct Lending, which is based in Orange, California, writes Bob Diachenko, who works with the security research team at Kromtech Alliance Corp. of Germany. Alliance Direct Lending specializes in refinancing auto loans at a lower interest rate, and it also has partnerships with dealers across the country. "It is unclear if anyone other than security researchers accessed it or how long the data was exposed," Diachenko writes in a blog post. Security researchers, as well as hackers, have had a field day lately exposing configuration mistakes organizations have made when setting up databases. Despite a string of well-publicized findings, the errors are still being made, or at least, not being caught. Aside from breaches, other organizations have seen their data erased and held for ransom, with notes left inside the databases asking for bitcoins (see Database Hijackings: Who's Next?). Kromtech notified Alliance, which has since taken the data offline, Diachenko writes. Information Security Media Group's efforts to reach Alliance officials were not immediately successful. Under California's mandatory data breach notification law, Alliance would be required to report the breach. "The IT administrator claimed that it had only recently been leaked and was not up for long," Diachenko writes. "He thanked us for the notification and the data was secured very shortly after the notification call." Researchers came across the data while looking into Amazon Web Services Simple Storage Service (S3) "buckets," which is the term for storage instances on the popular cloud hosting service.
They were specifically hunting for buckets that had been left online but required no authentication. The bucket contained 1,000 items, of which 210 were public. The leaked data included .csv files listed by dealerships located around the country. The number of consumer details leaked ranges from 550,000 up to 1 million, Diachenko writes. A screenshot posted on Kromtech's blog shows a sampling of the dealerships affected. Kromtech shared with ISMG a data sample pertaining to a dealership in Michigan. It shows full names, addresses, ZIP codes, what appear to be FICO credit scores, an annual percentage rate and the last four digits of Social Security numbers. "The danger of this information being leaked is that cybercriminals would have enough to engage in identity theft, obtain credit cards or even file a false tax return," Diachenko writes. While full Social Security numbers weren't exposed, there's still a risk in leaking the last four digits. When trying to verify customers' identities, companies will sometimes ask for a fragment of data. So for fraudsters compiling dossiers, every bit, however incomplete, helps. Also exposed were 20 phone call recordings with customers who were negotiating auto loan deals. "These consent calls were the customers agreeing that they understood they were getting an auto loan, confirming that the information was correct and true," Diachenko writes. "They included the customer's name, date of birth, social security numbers, and phone numbers." The bucket was last modified on Dec. 29, 2016, Kromtech writes. Amazon has strong security built around S3 storage, so it would appear that whoever created the bucket might have disabled its controls. According to Amazon's guidance, "only the bucket and object owners originally have access to Amazon S3 resources they created." Amazon also has identity and access management controls that can be used to carefully restrict who can access and change data. Buckets can also be made off-limits based on HTTP referrers and IP addresses.

Managing Editor, Security and Technology, ISMG
Kirk is a veteran journalist who has reported from more than a dozen countries. Based in Sydney, he is Managing Editor for Security and Technology for Information Security Media Group. Prior to ISMG, he worked from London and Sydney covering computer security and privacy for International Data Group. Further back, he covered military affairs from Seoul, South Korea, and general assignment news for his hometown paper in Illinois.
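The S3 report above turns on buckets readable without authentication and on the IP and referrer restrictions Amazon offers. The following is an added example, not code from Kromtech, ISMG or Amazon: a small audit of a bucket policy document that flags statements granting anonymous access and notes whether a condition narrows them. It covers bucket policy statements only (not ACLs), and the bucket name, account ID, addresses and Sids are constructed placeholders.

```python
import ipaddress
import json

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_anonymous(principal):
    # "*" and {"AWS": "*"} both mean any caller, authenticated or not.
    if isinstance(principal, dict):
        return any("*" in _as_list(v) for v in principal.values())
    return principal == "*"

def _restriction(condition):
    """Classify a Condition block as 'ip', 'referer' or None (no narrowing)."""
    found = None
    for operator, keys in (condition or {}).items():
        for key, values in keys.items():
            op, k = operator.lower(), key.lower()
            if op == "ipaddress" and k == "aws:sourceip":
                nets = [ipaddress.ip_network(v, strict=False) for v in _as_list(values)]
                if all(n.prefixlen > 0 for n in nets):  # a /0 range narrows nothing
                    return "ip"
            elif op in ("stringlike", "stringequals") and k == "aws:referer":
                found = "referer"
    return found

def audit_policy(policy_json):
    """Return (Sid, severity) for every statement that allows anonymous access."""
    findings = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _is_anonymous(stmt.get("Principal")):
            continue
        kind = _restriction(stmt.get("Condition"))
        # Referer is a client-supplied header: it deters hotlinking, it is not authentication.
        severity = {"ip": "RESTRICTED", "referer": "WEAK"}.get(kind, "PUBLIC")
        findings.append((stmt.get("Sid", "<no Sid>"), severity))
    return findings

# Constructed sample policy (bucket name, account id and addresses are placeholders).
_RES = {"Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*", "Effect": "Allow"}
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    dict(_RES, Sid="OpenRead", Principal="*"),
    dict(_RES, Sid="OfficeOnly", Principal="*",
         Condition={"IpAddress": {"aws:SourceIp": "203.0.113.0/24"}}),
    dict(_RES, Sid="SiteOnly", Principal={"AWS": "*"},
         Condition={"StringLike": {"aws:Referer": ["https://www.example.com/*"]}}),
    dict(_RES, Sid="Staff", Principal={"AWS": "arn:aws:iam::111122223333:user/analyst"}),
]})

if __name__ == "__main__":
    for sid, severity in audit_policy(SAMPLE_POLICY):
        print(f"{severity:10} {sid}")
```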
Earlier this week, private photos and a video clip of the famous WWE Divas Lisa Marie Varon, known by her WWE name Victoria, and Charlotte Flair were leaked online. The photos showed Charlotte taking selfies in front of the mirror using her iPhone, while in Lisa’s case a video clip of her private moments along with selfies taken from her iPhone have been leaked. Her original name being Ashley Fliehr, the WWE woman wrestler is the daughter of Ric Flair, who is again a well-known wrestling legend. She is considered one of the most popular WWE stars, having been the women’s champion up to four times. She began her career by first appearing on NXT in 2013, and after a year, she managed to win the NXT Women’s Championship. Later, she won the WWE Divas Championship after being promoted to the main roster in 2015. She had also been married twice. Her first marriage was in 2010 with Riki Johnson. They later filed for divorce and Flair then married Bram in 2013. They got divorced in 2015. Flair also had a brother, Reid, who was found dead in March 2013, in Charlotte’s bed, and it was revealed that he died from a heroin overdose. Flair tweeted about her photos being leaked, saying that her photos were shared online without her consent, and demanded that they be removed immediately. Upon this, a plethora of supporters emerged on Twitter, showing their support for Flair with the hashtag. Flair, however, is not the only victim whose photos have been leaked so unscrupulously. Alexa Bliss, who currently holds the title of RAW Women’s Champion, had her photos leaked as well on April 28. Alexa tweeted that the photos are fake and demanded that they be taken down immediately.
Similarly, Paige, who was WWE Divas Champion, had her private photos hacked, along with explicit videos that were made public online. She later wrote that she felt quite bad and wanted to harm herself for days after the leak. Furthermore, private photos of WWE Divas including Maria Kanellis, Melina Perez, Kaitlyn and Summer Rae were also leaked on different online platforms. That’s not all: it was about two months ago when hackers leaked private photos of prominent Hollywood celebrities like Amanda Seyfried and Emma Watson. However, it is quite unnerving and troubling to see how these WWE stars are being exploited while no attention is being paid to the security standards of mobile communication. It is vital that network operators look into the issue immediately and build proper security features to prevent such infiltrations.
Now, the same vendor is selling something that is not just unique but also highly sensitive, something intelligence agencies around the world would consider an excellent opportunity to get their hands on. The vendor is selling a database containing personal and cell phone number details of 126,761,168 citizens of the United States taken from United States Cellular Corporation (U.S. Cellular), a regional carrier which owns and operates the fifth-largest wireless telecommunications network in the United States, serving 4.9 million customers in 426 markets in 23 U.S. states. DoubleFlag claims the database is updated till January 2017 and has never been leaked on the Internet before. The database, according to him, contains details such as first name, last name, address, city, state and phone numbers of one hundred twenty-six million seven hundred sixty-one thousand one hundred sixty-eight (126,761,168) Americans. The price set for this database is 0.5497 Bitcoin (USD 500). This means anyone with access to this database can scan and check cell phone number details of millions of American citizens.
INDIANAPOLIS, Ind. – Officials at Scotty’s Brewhouse are working to inform thousands of employees across the company about an email data breach that leaked employees’ W-2 forms to an unknown suspect. Company officials called IMPD Monday afternoon to report the breach, which apparently resulted from an email phishing scam. According to the police report, an individual posing as company CEO Scott Wise sent an email to a payroll account employee. The email asked the employee to send all 4,000 employees’ W-2 forms in PDF form. Chris Martin, director of HR/Payroll for the company, told police the email did not really come from Wise. However, the payroll account employee did email all 4,000 W-2 forms to the unknown individual. The report says Martin contacted the IRS to inform the agency of the breach. The IRS recommended Martin also file a report with IMPD. Scotty’s Brewhouse officials are now in the process of informing all employees and providing them with precautionary measures to take in order to protect their financial and personal information. The company says it will offer one year of credit monitoring at no cost to employees, in addition to providing information regarding available resources for its employees to monitor their credit. Scotty’s says no customer information was obtained during the phishing scam. The company is working with law enforcement and the credit bureaus to limit any potential misuse of the information that was obtained and to identify and apprehend the scammers. Scott Wise, CEO of Scotty’s Holdings, LLC, issued the following statement: “Unfortunately, Scotty’s was the target of and fell victim to scammers, as so many other companies have,” said Wise. “Scotty’s employees and customers are of tremendous importance to the company and Scotty’s regrets any inconvenience to its employees that may result from this scamming incident. Scotty’s will continue to work with federal and local law enforcement, the Internal Revenue Service and credit bureaus to bring the responsible party or parties to justice.” The incident appears to match the description of an email phishing scheme the IRS issued warnings about last year. This scheme involves scammers posing as company executives to request financial and personal information on employees. The IRS has online tutorials on the proper steps to take if you have become the victim of identity theft or your personal information has been leaked.
On Friday, the unnamed hacker began dumping a sizable database stolen from Freedom Hosting II onto the internet, potentially exposing its users. The hosting service, Freedom Hosting II, was known for operating thousands of sites that were accessible through the Tor browser; the "dark web" is essentially the encrypted network comprising Tor servers and browsers. Its main landing page was replaced with a message saying that it had been hacked. Allegedly, Freedom Hosting II had been hosting child pornography sites, though its anonymous operator claimed to have a zero-tolerance policy toward such content, according to the hacker behind the breach. “What we found while searching through your server is more than 50% child porn…” the hacker wrote in the message left on the site. “Moreover, you host many scam sites, some of which are evidently run by yourself to cover hosting expenses.” In an email to the IDG News Service, the hacker explained how the breach came about. “I just recently read an article about a well-known exploit that some hosting providers fell victims of many years ago,” the person said. However, starting on Jan. 30, the hacker gained access to its web server, using a 20-step method. The hack essentially involved starting a new site on Freedom Hosting II and creating a link to gain access to the service’s root directory. This allowed the hacker to browse the entire server. “I had reading permissions to everything the web server could get access to just by creating a symlink to / (the root directory).” After coming across child porn sites, the hacker decided to take over Freedom Hosting II by altering its configuration file to trigger a password reset. “Once I found out what they were hosting, I just wanted to shut them down,” said the hacker, who’s also been circulating what he stole through a torrent file.
The dump includes 74GB of files and a 2.3GB database from the service, the hacker claims. “The IP of the server has been leaked, which potentially could reveal the admin's identity,” the hacker added. Chris Monteiro, a cybercrime researcher based in the U.K., has been looking through the data dump, which he said appears to be real. The information includes the sites that Freedom Hosting II had been operating, along with the admin credentials to access them. The dump also appears to contain a client database, meaning that anyone who used Freedom Hosting II might be exposed, Monteiro said.
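The Freedom Hosting II report above describes a tenant's symlink to / giving read access to everything the web server could reach. The following is an added example, not code from the hosting service or the article, showing the containment check a shared host can apply before serving a file, plus an audit pass over a tenant directory. The function names and the temporary directory layout are assumptions made for illustration.

```python
import os
import tempfile

class PathEscapesRoot(Exception):
    """Raised when a requested path resolves outside the tenant's document root."""

def resolve_in_docroot(docroot, requested):
    """Return the real path of `requested` under `docroot`, or raise if it escapes."""
    root = os.path.realpath(docroot)
    # Join first, then resolve every symlink and ".." component in one step.
    candidate = os.path.realpath(os.path.join(root, requested.lstrip("/")))
    if os.path.commonpath([root, candidate]) != root:
        raise PathEscapesRoot(f"{requested!r} resolves to {candidate!r}")
    return candidate

def find_escaping_symlinks(docroot):
    """Audit a tenant directory: list symlinks whose targets resolve outside it."""
    root = os.path.realpath(docroot)
    escaping = []
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                target = os.path.realpath(path)
                if os.path.commonpath([root, target]) != root:
                    escaping.append((os.path.relpath(path, root), target))
    return sorted(escaping)

def demo():
    """Build a constructed tenant site containing the link from the article."""
    with tempfile.TemporaryDirectory() as tmp:
        site = os.path.join(tmp, "site")
        os.makedirs(site)
        open(os.path.join(site, "index.html"), "w").close()
        os.symlink("/", os.path.join(site, "browse"))         # link to the root directory
        os.symlink("index.html", os.path.join(site, "home"))  # harmless, stays inside
        audit = find_escaping_symlinks(site)
        try:
            resolve_in_docroot(site, "browse/etc/passwd")
            served = True
        except PathEscapesRoot:
            served = False
        inside = resolve_in_docroot(site, "home") == os.path.realpath(
            os.path.join(site, "index.html"))
        return audit, served, inside

if __name__ == "__main__":
    print(demo())
```

A check followed by a separate open is still racy if the tenant can swap the link in between, so production servers usually enforce this at open time, for example with Apache's `SymLinksIfOwnerMatch` option or nginx's `disable_symlinks` directive, and run each tenant under its own user.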