Japanese web portals hacked, up to 100, 000 accounts comprimsed

[Erica Absetz <erica () riskbasedsecurity com>]

http://www.networkworld.com/news/2013/040413-japanese-web-portals-hacked-up-268387.html?source=nww_rss

IDG News Service - Two of Japan's major Internet portals were hacked
earlier this week, with one warning that as many as 100,000 user
accounts were compromised, including financial details.

Goo, a Japanese Internet portal owned by network operator NTT, said it
had no choice but to lock 100,000 accounts to prevent illicit logins.
The company said it had confirmed some of the accounts had been
accessed by non-users. The accounts can include financial details such
as credit card and bank account information, as well as personal
details and email.

The Web portal said it detected a series of brute-force attacks late
Tuesday evening, with some accounts hit by over 30 login attempts per
second. Goo said the attacks came from certain IP addresses, but
didn't disclose any more information.

Also on Tuesday evening, Yahoo Japan said it discovered a malicious
program on company servers. The program had extracted user data for
1.27 million users, but was stopped before it leaked any of the
information outside of the company.

There was no immediate connection between the two incidents.

Yahoo Japan, owned by Softbank, is the country's dominant Internet
portal and accounts for over 55 percent of search and portal use in
the country, with hundreds of millions of page views per day,
according to online service provider GA-Pro. The portal, operated
separately from its U.S. namesake, has a strong mobile presence as
parent Softbank also runs one of Japan's largest mobile operators.
Rival Google accounts for about 42 percent.

Goo was extremely popular a decade ago as the Internet became popular
in Japan, but has faded in recent years and currently accounts for
less than 1 percent of Internet users. The site offers an array of
portal services including search, mail and shopping.

Goo said it is still determining the scale of the damage from the
attacks, while increasing its monitoring and asking users to pick more
complicated passwords.

Yahoo Japan said it was taking the incident seriously and working to
prevent reoccurrences.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.