Breach Brief – Quora, Jared & Kay Jewelers

Published On December 31, 2018 | By Tom Huskerson | Breach Briefs

Question and answer website Quora reported that it got hit by a data breach affecting 100 million users. 

Quora reported that it discovered unauthorized access by a malicious third party on Friday. The company is investigating the the exact cause of of the breach in cooperation with a digital forensics firm and law enforcement.

Compromised user information includes names, email addresses, encrypted passwords and data imported by users from linked networks.

In a statement Quora representatives said, “The overwhelming majority of the content accessed was already public on Quora, but the compromise of account and other private information is serious.”

Affected users have been logged out, with a forced password reset for those who chose this as their authentication method.

Kay and Jared Jewelers

If you’re shopping for diamonds this holiday season you need to know that Kay and Jared Jewelers have suffered a data breach. Signet Jewelers, owners of Jared and Kay Jewelers announced that they have repaired a massive data breach that allowed anyone to view the order information of other customers. This information included home addresses and the last four digits of a purchaser’s credit card, according to KrebsonSecurity.com.

The issue was discovered by web designer Brandon Sheehy in November. 

According to Sheehy he modified the link in the confirmation email just slightly, and pasted it into a web browser. The result was that he could see other customer’s orders. Sheehy claimed the action revealed customer’s name, shipping and billing address, phone number, email address, all items and total amounts, the delivery date, the tracking link and the last four digits of the customer’s credit card number.

Sheehy reported the issue to Signet Jewelers requesting they fix it. But according to Sheehy he could still see the information weeks later.

Signet Chief Information Officer Scott Lancaster said the company fixed the issue for all future orders, but not until recently was the issue fixed for past orders.

“When a customer first brought this matter to our attention in early November, we fixed it for all new orders going forward,” Lancaster said. “But we didn’t notice at the time that this applied to all past orders as well as future orders.”

Like this Article? Share it!

About The Author

Tom Huskerson Bio Born in Richmond Virginia Tom Huskerson is a military veteran who settled in California after his discharge. Tom attended Santa Barbara City College where he began his writing career as a campus reporter. He worked as an intern news reporter for the Santa Barbara News-Press writing feature stories before moving on to San Francisco. At San Francisco State University Tom studied broadcast communications and began to focus on the Internet. He completed his graduate thesis on Internet advertising. Tom was the first student to ever focus on the Internet as a graduate student at San Francisco State University. After graduation he went to work for Zona Research in California’s Silicone Valley. As a research associate Tom supported senior analyst writing on the latest developments in the Internet industry. During the dot com boom Tom worked for several web businesses as a market researcher and analyst. As a writer and researcher Tom has authored various technical works including a training program for Charles Schwab security. Other projects included professional presentations on workplace violence and hiring security contractors. Tom has also written both fiction and non-fiction works and blogging for a travel website. He has published two books of short stories and completed two novels. Tom is the owner of Scribe of Life Literature and EbonyCandle.com. Tom is not the chief editor for the OnTechStreet. com. A news and information blog that focuses on tech news for African-Americans. The blog is the result of his desire to inform the African American community of the dangers and benefits of the cyber age. In his blog Tom reports on information security, new and analysis, scams and hoaxes, legal happenings and various topics that arise from the age of information. Tom believes that technology is a necessary tool for black people and they should know what is happening. Tom writes believing that techno speak is for the professional and that valuable information can be communicated using plain language. As a result he has embraced the motto, Less Tech, More Knowledge.

Comments are closed.