Breaches and leaks

  • PHP PEAR: the old-school PHP package manager had its website breached six months ago. Since then it served a malicious version of the PEAR downloader containing a backdoor.
  • An unsecured Elasticsearch instance was found to hold data on several casino's, containing information of 108 million bets, most of which included sensitive personal details: link.
  • Atlas: the new MMO game was breached twice, once by a hacked admin account and once through a game exploit.
  • Redbanc: the company which runs the Chilean banking ATM networks. It was infected by malware, which an employee was tricked into installing through a Skype call.
Dieter Van der Stock