User names stolen from Apple server
Hacking groups
Hacking attacks are on the rise. Hacker groups such as LulzSec have been successfully breaking into networks of big companies like Fox, Sony, AT&T, PBS, Citigroup and even the CIA. LulzSec, an anonymous group of hackers, have claimed responsibility for hacking into several major company websites.
The latest in the line is Apple’s website. It appears that hackers have broken into Apple’s systems before posting a list of names and password hashes online. The names were not linked to the more than 200m customer credit cards stored on the iTunes online store.
The complete story
Hacking group Anonymous broke into an Apple server, collecting 26 administrative user names and passwords. The group announced the breach through its Twitter where it shared a link to the data posted on text-sharing website Pastebin. “Apple could be target, too,” the group tweeted. “But don’t worry, we are busy elsewhere.”
LulzSec group has been very active in the hacking field and recently announced it was ending its hacking operation and asked its users to support Anonymous. Their movement is called “AntiSec.” Both Anonymous and LulzSec have always targeted big companies disclosing their political motives.
What does Apple have to say?
Apple declined to comment declined to comment and has not confirmed the breach as yet. Fortunately the data that was hacked has little value to the culprits.
Why is this happening?
“Part of the problem is that companies don’t have an incentive to disclose when a breach occurs unless it’s required by law,” said Ronald Deibert, director of the Citizen Lab at the University of Toronto’s Munk School of Global Affairs. “But the volume [of attacks] suggests something is going on.”
Hacking operations by groups like Anonymous and LulzSec started with Sony who is still having a hard time getting its systems back on track since its breach in April.
One of the reasons for these successful hacking attempts is the very nature of most major corporations’ digital data. Up till now, large companies had an Internet website for public information and an “intranet” for internal use. But the picture has drastically changed today. A company’s public online presence includes websites, YouTube channels, Facebook pages and Twitter accounts – all very vulnerable for getting compromised!
Add to this the high-profile nature of such services. Even though Social networking platforms like Twitter or Facebook offer very less business value, they can be used to quickly and publicly embarrass a company – the latest in the news – Fox News Twitter account which displayed fake Obama tweets! Stay tuned..
Time for giant Corp orates to tighten their security – AlertSec’s security services
Organisations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.
Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Alertsec Xpress’s Check Point Full Disk Encryption is used by over 4 million users worldwide.
With the continued growth of mobile computing and of data security laws, every day companies are investing more an more time and dollars into security systems. Unfortunately, a common failing of these laptop security measures is the fact that they are heavily reliant on the diligent action of laptop-using employees to remain effective. Thus, even after this investment of time and money – a security breach occurs because of the weakest link – the person behind the keyboard.
Traditionally, organizations have used corporate firewalls and other intrusion detection systems to protect corporate networks from potentially compromised endpoints. However, in today’s laptop-dominated environment, endpoint security strategies place the responsibility for security on the device itself and not on the employees. This next generation of security strategy is already common in the form of anti-spam filters, desktop level firewalls and anti-virus software programs.
The U.S. Government Accountability Office (GAO) has released another 
