Showing posts sorted by relevance for query security breach.

Global Payments Hacked, 50K Cardholders At Risk (Visa & MasterCard Investigating The Breach)



A security breach at Global Payments Inc, a third-party, U.S.-based processor, may have compromised 50,000 Visa and MasterCard cardholder accounts. Both Visa and MasterCard have sent out non-public alerts to banks notifying them of the breach.
Major credit card issuing agencies have alerted customers and asserted that their own systems are still secure. MasterCard has hired an independent data security firm to look into the hack, while Visa has given the affected account numbers to the banks so that steps can be taken to protect those customers and to help find the hacker. However, the breach affects all major credit card brands, including Discover and American Express.
Visa and MasterCard are investigating whether a data security breach at one of the main companies that processes transactions improperly exposed private customer information, bank officials said Friday. The event highlighted a crucial vulnerability that could affect millions of credit card holders. The breach occurred at Global Payments, an Atlanta company that helps Visa and MasterCard process transactions for merchants. One bank executive estimated that about one million to three million accounts could be affected. That does not mean that all those cards were used fraudulently, but that credit card information on the cardholders was exposed.
The bank official, who insisted on anonymity because the inquiry is at an early stage, said that Visa and MasterCard notified his company on Thursday, but that banks had been frustrated with the pace of disclosure by Global Payments. He said that Global Payments, which is one of the biggest transaction processors, had provided little information on where the breaches took place, how accounts were hacked and other details that could indicate which customers might be vulnerable.
This is the second breach at Global Payments in the last 12 months, according to two individuals briefed on the investigations who spoke on condition of anonymity because they were not authorized to speak publicly. Another similar attack was disclosed by Heartland Payment Systems in 2009, a breach that began in 2007 and resulted in the exposure of data on 130 million credit cards. Heartland estimated that breach cost it $140 million in fines, settlements and legal fees.
If you use a Visa or MasterCard credit card, you may be affected by this breach. The good news is that most credit cards have fraud protection, so even if you are affected by this security breach, you most likely will not be affected by fraudulent charges if you catch them early enough.





Why Is Sony Getting Hacked Multiple Times? (Full Report)


Since the April PlayStation Network breach that exposed over 100 million user accounts, Sony has been hacked more than 10 times. Sony Pictures, Sony Europe, Sony BMG Greece, Sony Thailand, Sony Music Japan, Sony Ericsson Canada, and others have all been the target of attacks. Sony has had to contend with intense scrutiny from media, disgruntled users and lawmakers, with everyone asking the company how it could let such a breach happen. Sony has apologized repeatedly and said that the original attack was a highly professional, criminal cyber attack aimed at stealing credit card numbers. Other experts have said that Sony simply didn't have its security act together and that the attack was likely far simpler. Now, critics are wondering what exactly the motivation might be behind the continued hacks. While the initial PlayStation Network breach was the largest of the hacks to date, Sony's cyber attack problem has continued due to both inconsistent security across Sony's systems and the rise of new groups of hackers interested less in punishing Sony than in showing off their ability to breach the company's defenses, experts say.

Some analysts say Sony's security woes started when the company pressed charges against 20-year-old hacker George Hotz, who reverse-engineered Sony's PlayStation 3 so that it could run unapproved third-party applications. Sony responded by suing Hotz, a move that reportedly infuriated many in the hacker community. Many experts say the attack on the PlayStation Network in April could have been an act of vigilante justice resulting directly or indirectly from Sony's lawsuit against Hotz.

"Sony's perceived abuse of the legal system in targeting reverse-engineer George Hotz infuriated hacker groups," said Randy Abrams, director of technical education at ESET, an IT security firm. Abrams also noted that even before the Hotz incident, Sony had drummed up "significant antipathy" as the result of a 2005 scandal involving Sony CDs that automatically installed a rootkit that made users' computers vulnerable to attack.
The PlayStation Network attack appears to have set off an avalanche of follow-ups.

"Other hackers and hacking groups realized they could jump on the bandwagon and break into other Sony properties and get in the news," said Richard Wang, manager of Sophos Labs, a security vendor. "Really anything that has the Sony brand on it has become a target for someone trying to make a name for themselves or trying to prove they can break into the website."

Fred Cate, director of the Center for Applied Security Research at the University of Indiana, said the first PlayStation Network breach may have tempted hackers by revealing Sony as open to attack. "There's sort of a pile-on effect," Cate said. "Once you hear that there's a vulnerable network out there, other folks start trying. Sony's now a new target of interest."
Other hackers seem to have joined up for reasons other than political or monetary gain. Sites like hassonybeenhackedthisweek.com demonstrate a curious mixture of genuine curiosity and weary cultural saturation.

"Prior to the PSN hack, the loosely organized Anonymous group had waged war against Sony, reflecting the opinion of a significant share of netizens who got infuriated by Sony's corporate attitude," said Guillaume Lovet, a senior manager of the threat response team at Fortinet. "But now, from being a target for opinion reasons only, it also became a target 'just for the lulz,' for [hacker group] lulzsecurity and others."
"The outcome," Lovet said, "is more attackers, thus more successful hacks."

Some critics have questioned whether Sony's security efforts both before and after the initial breaches have been adequate. Sony has since promised to boost its security systems and review existing procedures. Still, according to experts, many of the attacks used to breach Sony's sites are fairly basic hacks that the company could easily have protected against.

"They seemingly have an almost anarchistic approach to global network security, with no visible coordination of security practices across Internet properties," said Abrams. "Some properties, such as Sony Pictures, seem to have been ignoring basic security best practices."

Part of the problem is Sony's huge international web presence. Experts say it's highly unlikely that the company's multiple divisions, from movies to gaming, are following any coordinated set of security protocols.

"Sony has disclosed many breaches, including different servers in Indonesia and Thailand. I highly doubt that the same developers who developed these websites are the same developers who worked on the Playstation Network, Sony Pictures, etc.,” said Derek Manky, a senior security strategist at Fortinet. "Quite simply, there is a tradeoff: Security dwindles as you add convenience and complexity."

While the novelty of hacking Sony may continue to diminish as other cybersecurity stories hit the news, it's clear Sony must get its act together or risk more attacks, a loss of customer faith and money and possible government intervention. 

"Sony needs time to get their security house in order," Jeremiah Grossman, the CTO of WhiteHat Security wrote in an email. "As an organization, Sony could see this as an opportunity. A year or more from now, they could be an example of how security SHOULD be done across the entire industry."


Drupal.org Hacked! More Than 967,000 Registered User Details Compromised


Drupal, one of the most famous and widely used open-source content management frameworks, has fallen victim to cyber criminals. The Drupal Security Team and Infrastructure Team have discovered unauthorized access to account information on the official Drupal website and another site called groups.drupal.org. This security breach has exposed the user names, countries, and email addresses, along with the hashed passwords, of more than 967,000 registered users on Drupal.org. One relief is that the breach did not reach the credit card details, which were stored on the same server. According to the security release, the unauthorized access was made via third-party software installed on the Drupal.org server infrastructure and was not the result of a vulnerability within Drupal itself. The Drupal team has worked with the vendor to confirm that it is a known vulnerability that has been publicly disclosed. They are still investigating and will share more detail when it is appropriate.

Upon discovering the files during a security audit, the security team shut down the association.drupal.org website to mitigate any possible ongoing security issues related to the files. The Drupal Security Team then began forensic evaluations and discovered that user account information had been accessed via this vulnerability. The suspicious files may have exposed profile information such as username, email address, hashed password, and country. In addition to resetting your password on Drupal.org, the team also recommends a number of measures (below) for further protection of your information, including, among others, changing or resetting passwords on other sites where you may use similar passwords.

As a precaution following the security breach, the Drupal Security Team has reset all Drupal.org account holder passwords and is requiring users to reset their passwords at their next login attempt. A user password can be changed at any time by taking the following steps.
  1. Go to https://drupal.org/user/password 
  2. Enter your username or email address. 
  3. Check your email and follow the link to enter a new password. It can take up to 15 minutes for the password reset email to arrive. If you do not receive the e-mail within 15 minutes, make sure to check your spam folder as well.
Countermeasures Drupal has taken: because attacks on high-profile sites (regardless of the software they are running) are common, Drupal strives to continuously improve the security of all Drupal.org sites. To that end, Drupal has taken the following steps to secure the Drupal.org infrastructure:
  • Staff at the OSU Open Source Lab (where Drupal.org is hosted) and the Drupal.org infrastructure teams rebuilt production, staging, and development webheads, and GRSEC secure kernels were added to most servers.
  • Drupal has been scanning and has not found any additional malicious or dangerous files, and is making scanning a routine part of its process.
  • There are many subsites on Drupal.org including older sites for specific events. Drupal created static archives of those sites.

This security breach at Drupal, which affected more than 967,000 users, is a reminder of the recent history of breaches, where we have seen a slew of attacks against the following sites: Scribd, Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo, Nvidia, Blizzard, Philips, Zynga, VMWare, Adobe, Twitter, New York Times, Apple and so on.








FBI says it is "reviewing" PSN security breach


The Federal Bureau of Investigation (FBI) is currently "reviewing" a recent security breach that compromised user data and downed the PlayStation Network (PSN) for over a week.
"The FBI is aware of the reports concerning the alleged intrusion into the Sony on line game server and we have been in contact with Sony concerning this matter," special agent Darrell Foxworth told Kotaku.
"We are presently reviewing the available information in an effort to determine the facts and circumstances concerning this alleged criminal activity."
Meanwhile, at least two dozen state AGs have kicked off their own investigation of the incident, with the FTC confirming it could theoretically claim jurisdiction in a case that involved loss of customer data via a security breach.


"The fact that sensitive information was apparently accessed without authorization makes me especially concerned about the possibility of financial fraud and targeted phishing scams," Connecticut Attorney General George Jepsen wrote in an official letter to SCE CEO Jack Tretton.
"What is more troubling is Sony's apparent failure to promptly and adequately notify affected individuals of this large-scale breach."
As expected, a number of other countries aside from the United States have expressed concern over the embarrassing and damaging security lapse.
For example, the city of Taipei (Taiwan) is apparently demanding that Sony provide satisfactory details about the leak within 10 days or face heavy fines for alleged breaches of local consumer protection laws. 
"Manufacturers and service providers should take responsibility for their customers' reasonable expectations of security, including personal information security," Taiwan capital's Law and Regulation Commission said in a letter obtained by PC World.
"This incident [is said to] involve leaks of consumer names, e-mails, birth dates and even credit card information."


Indeed, security researchers say stolen credit card information may already be up for sale on various Internet forums.
"The hackers that hacked PSN are selling off the DB. They reportedly have 2.2 million credits cards with CVVs," Trend Micro security expert Kevin Stevens claimed in a tweet.
"Supposedly the hackers selling the DB says it has: fname, lnam, address, zip, country, phone, email, password, dob, ccnum, CVV2, exp date... It is not a rumor, it was a conversation on a criminal forum. [Still], I never saw the DB so I can't verify if it is real."


Formspring Hacked, 420000 Password Hashes Stolen In a Security Breach


formspring.me, widely known as Formspring, is the latest in the seemingly unending list of websites to have suffered a security breach. More than 420,000 passwords for Formspring accounts have fallen into the wrong hands and been posted publicly on the internet. The incident brings back memories of the password leaks at popular sites such as LinkedIn and eHarmony about a month ago. A blog entry posted by Formspring's CEO and founder Ade Olonoh explains that the passwords of all 28 million users have been disabled, even though only 420,000 have been posted on the net.

According to the firm, usernames and other identifying information were not published alongside the stolen password hashes. Furthermore, in a positive sign, users were told that the SHA-256 hashed passwords were salted - and that Formspring is now tightening security further by introducing stronger bcrypt cryptographic hashes. Formspring also says that it has identified the security hole that allowed a hacker to breach its systems:
"Once we were able to verify that the hashes were obtained from Formspring, we locked down our systems and began an investigation to determine the nature of the breach. We found that someone had broken into one of our development servers and was able to use that access to extract account information from a production database."
After being informed of this discovery, the operators of the platform soon traced the leak to one of their development servers, which had allowed an attacker to access a production server, and said that they had successfully closed it. Formspring has also reset all user passwords. According to the latest information, Formspring appears to have dealt with the security breach quickly and fairly transparently.
Formspring is a social Q&A website, launched in November 2009. The site allows its users to set up a profile page, follow other users and ask questions of other users. The questions and the responses given are then published on the user's profile page. It is operated by Formspring.me, Inc., a company headquartered in San Francisco.


-Source (NS, The-H & Formspring)






Security Breach on The Linux Foundation, Linux.com & their Subdomains


Looking back at the previous week, you will surely remember the attack on the Linux kernel site, kernel.org. Now the Linux Foundation is under cyber attack. The Linux Foundation has pulled its websites from the web to clean up from a “security breach.”
A notice posted by the Linux Foundation said the entire infrastructure, including LinuxFoundation.org, Linux.com, and their subdomains, is down for maintenance due to a security breach that was discovered on September 8, 2011.
“The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org,” the group said.


The official notice posted by the Linux Foundation on its website reads:

"Linux Foundation infrastructure including LinuxFoundation.org, Linux.com, and their subdomains are down for maintenance due to a security breach that was discovered on September 8, 2011. The Linux Foundation made this decision in the interest of extreme caution and security best practices. We believe this breach was connected to the intrusion on kernel.org.
We are in the process of restoring services in a secure manner as quickly as possible. As with any intrusion and as a matter of caution, you should consider the passwords and SSH keys that you have used on these sites compromised. If you have reused these passwords on other sites, please change them immediately. We are currently auditing all systems and will update this statement when we have more information.
We apologize for the inconvenience. We are taking this matter seriously and appreciate your patience. The Linux Foundation infrastructure houses a variety of services and programs including Linux.com, Open Printing, Linux Mark, Linux Foundation events and others, but does not include the Linux kernel or its code repositories.
Please contact us at info@linuxfoundation.org with questions about this matter."




EPA -Environmental Protection Agency Hacked, Personal Information of 8,000 Employees Exposed



Another security breach has occurred, this time affecting thousands of employees of the Environmental Protection Agency, also known as the EPA. The EPA confirmed that the breach exposed the Social Security numbers and banking information of nearly 8,000 people. This security breach adds the EPA to the list of those (LinkedIn, eHarmony, Formspring, Yahoo, Android Forums, Nvidia, Gamigo and Dropbox) who recently fell victim to cyber criminals. The agency wouldn't say whether the breach involved or affected any government contractors, but sources say that 5,100 current employees and some 2,700 "other individuals" were notified about a March security incident that exposed personal information on an EPA database. Those impacted were informed about the breach Tuesday, four months after it occurred. Included among the exposed information were Social Security numbers, bank routing numbers and home addresses. The EPA is offering free credit-monitoring services for one year to people affected by the breach and has established a hotline for those who want to call about their concerns.
According to the EPA statement: "Vigilantly keeping data secure from increasingly sophisticated cyber threats is a top priority at EPA. The agency has already added new safeguards in response to the incident." The agency's Office of the Inspector General confirmed only that an investigation is underway.


-Source (Business Journal) 






Android & NVIDIA Forum Hacked, Millions of User Credentials Stolen


After the breaches at Formspring and Yahoo! Voices, a security breach has now affected the NVIDIA and Phandroid forums. Hackers have gained illegal access and stolen millions of usernames and password hashes from those forums.
NVIDIA has temporarily shut down its online developer forum after it fell victim to cyber criminals who may have gained access to members' hashed passwords. NVIDIA says that it took the site down last week to investigate intrusions into its systems by unauthorised third parties. The intruders reportedly gained access to private user data, including usernames, email addresses, and hashed passwords with random salt values. Data in users' "About Me" profiles, such as age, birthdate, gender and location, was also accessed in the breach; however, this information was already publicly accessible on the site.

In the security notice, NVIDIA said that it is currently "employing additional security measures to minimize the impact of future attacks", adding that it hopes to restore the Forums as soon as possible. Once restored, the company says that it will reset all user passwords and send an email to users with a temporary password and instructions on how to change it.

Phandroid, a popular Android news site and online community for fans of Android smartphones, also faced a cyber attack. Phandroid has confirmed that its Android Forums was compromised using "a known exploit", and data including usernames, hashed passwords and so forth were accessed. According to Phandroid's notice about the security breach, the user table of the Android Forums database was accessed by unknown intruders.
The database in question contains a variety of information on forum users, including usernames, email addresses, hashed and salted passwords, registration IP addresses; also other forum-related data, such as last time online and post date as well as post count. Based on current information, the site's community manager says that they cannot confirm if the data was in fact downloaded, adding that they believe the attack was "most likely an e-mail harvesting attempt". Additional steps to further harden server security and "extra 'just in case' actions" have also reportedly been taken.

According to reports, more than 1 million users of the Phandroid forum are potentially affected by the security breach. The site's administrators advise all users to change their passwords as soon as possible through the User Control Panel (UserCP) or by using the "Forgot your password?" function.
We would like to remind you that other sites hit in recent weeks by hackers stealing user information include Yahoo Voices, Formspring, eHarmony and LinkedIn. There, too, we saw the same scenario, in which hackers stole millions of user credentials from those sites.


 -Source (NVIDIA, Phandroid, The-H)







Hackers Breached Adobe Server in Order to Compromise Certificate to Sign malware


A few advanced hackers have managed to break into an internal server at Adobe and compromise a digital certificate, which allowed them to create at least two files that appear to be legitimately signed by the software maker but actually contain malware. This security breach took place on Thursday, and the software giant Adobe confirmed that the attackers signed at least two malicious utility programs with the valid Adobe certificate. The company traced the problem to a compromised build server that had the ability to get code approved from the company's code-signing system. As a result of the breach, which appears to date back to early July, Adobe expects to revoke the compromised certificate that was used to sign the malicious files on Oct. 4. “This only affects the Adobe software signed with the impacted certificate that runs on the Windows platform and three Adobe AIR applications that run on both Windows and Macintosh,” wrote Brad Arkin, senior director of product security and privacy for Adobe. “The revocation does not impact any other Adobe software for Macintosh or other platforms.”

The company uncovered the breach after coming across two malicious "utilities" that appeared to be digitally signed with a valid Adobe cert. It is unclear how or whether those files were used in the wild to target anyone. "Sophisticated threat actors use malicious utilities like the signed samples during highly targeted attacks for privilege escalation and lateral movement within an environment following an initial machine compromise," Arkin wrote.

In another blog post, Arkin said that, generally speaking, most Adobe users won't be affected. "Is your Adobe software vulnerable because of this issue?" he wrote. "No. This issue has no impact on the security of your genuine Adobe software. Are there other security risks to you? We have strong reason to believe that this issue does not present a general security risk. The evidence we have seen has been limited to a single isolated discovery of two malicious utilities signed using the certificate and indicates that the certificate was not used to sign widespread malware."
The "build" server that was compromised was not configured according to Adobe's corporate standards, but that shortfall wasn't caught during the provisioning process, Arkin said. He added that the affected server did not provide the adversaries with access to any source code for other products, such as the popular Flash Player and Adobe Reader and Acrobat software. 
Here we would like to remind you that in the last few months we have seen a slew of attacks against the following sites: Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo, Nvidia, Blizzard and Philips. After this breach, Adobe has also added its name to the list of those who have fallen victim to cyber criminals this year. For all the latest on cyber security and hacking related stories, stay tuned with VOGH.

UPDATE: Recently we got an update in which Adobe denies the breach. In a later press release, an Adobe spokeswoman said the certificate was not actually stolen: "Adobe has stringent security measures in place to protect its code signing infrastructure. The private keys associated with the Adobe code signing certificates were stored in Hardware Security Modules (HSMs) kept in physically secure facilities. We confirmed that the private key associated with the Adobe code signing certificate was not extracted from the HSM."


-Source (Adobe, SC Magazine, WIRED)






Cupid Media Network Breach Exposes 42 Million Passwords in Plain Text


Cupid Media, one of the leading niche online dating networks, with more than 35 large online dating websites, faced a massive intrusion that affects more than 42 million of its registered users. From an exclusive report by Krebs on Security, we came to know that the breach took place earlier this year, when hackers managed to gain access to crucial servers belonging to the Cupid Media network. According to the managing director of Cupid Media, Mr Andrew Bolton: "In January we detected suspicious activity on our network and based upon the information that we had available at the time, we took what we believed to be appropriate actions to notify affected customers and reset passwords for a particular group of user accounts." After a preliminary investigation, it was found that the purloined database of the Australia-based niche dating service Cupid Media was on the same server where hackers had amassed tens of millions of records stolen from Adobe. More than 42 million people's unencrypted names, dates of birth, email addresses and passwords were found in the pinched database.

I am very much wearied to see that a high-value site like Cupid is unconcerned about basic security countermeasures. Even their confidential tables remained unencrypted, which allowed the hackers to obtain the personal information in plain text. Like the Cupid Media security team, the registered users were also found to be very inadvertent and unaware of basic security measures. I am saying this because, of the leaked passwords, almost two million picked "123456", and over 1.2 million chose "111111". "iloveyou" and "lovely" both beat out "password", and while 40,000 chose "qwerty", 20,000 chose the bottom row of the keyboard instead, yielding the password "zxcvbnm".
Jason Hart of famous data protection firm Safenet said "The true impact of the breach is likely to be huge. Yet, if this data had been encrypted in the first place then all hackers would have found is scrambled information, rendering the theft pointless."
This security breach at Cupid Media reminds us of the recent history of breaches, where we have seen a slew of attacks against the following sites: Drupal.org, Scribd, Guild Wars 2, Gamigo, Blizzard, Yahoo, LinkedIn, eHarmony, Formspring, Android Forums, Gamigo, Nvidia, Blizzard, Philips, Zynga, VMWare, Adobe, Twitter, New York Times, Apple and so on. While covering this story on behalf of VOGH, I am warning our readers across the globe to use strong alphanumeric passwords to avoid such a disaster. Webmasters and security administrators are also highly recommended to use salted encryption in their databases to prevent fortuitous cyber attacks.


