Magic: The Gathering game maker exposed 452,000 players account data

The maker of Magic: The Gathering has confirmed that a security lapse exposed the data on hundreds of thousands of game players. The game’s developer, the Washington-based Wizards of the Coast, left a database backup file in a public Amazon Web Services storage bucket. The database file contained user account information for the game’s online arena. But there was no password on the storage bucket, allowing anyone to access the files inside. The bucket is not believed to have been exposed for long — since around early-September — but it was long enough for U.K. cybersecurity firm Fidus Information Security to find the database. A review of the database file showed there were 452,634 players’ information, including about 470 email …

6 tips founders need to know about securing their startup

If you’ve read anything of mine in the past year, you know just how complicated security can be. Every day it seems there’s a new security lapse, a breach, a hack, or an inadvertent exposure, such as leaving a cloud storage server unprotected without a password. These things happen, but they don’t have to; aecurity isn’t as difficult as it sounds, but there’s no one-size-fits-all solution. We sat down with three experts on the Extra Crunch stage at TechCrunch’s Disrupt SF earlier this month to help startups and founders understand what they need to do, when, and why. We asked Google’s Heather Adkins, Duo’s Dug Song, and IOActive’s Jennifer Sunshine Steffens for their best advice. Here’s what they had to …

Facebooks lead EU regulator is asking questions about its latest security fail

Facebook’s lead data protection regulator in Europe has confirmed it’s put questions to the company about a major security breach that we reported on yesterday. “The DPC became aware of this issue through the recent media coverage and we immediately made contact with Facebook and we have asked them a series of questions. We are awaiting Facebook’s responses to those questions,” a spokeswoman for the Irish Data Protection Commission told us. We’ve reached out to Facebook for a response. As we reported earlier, a security research discovered an unsecured database of hundreds of millions of phone numbers linked to Facebook accounts. The exposed server contained more than 419 million records over several databases on Facebook users from multiple countries, including …

After breach, Stack Overflow says some user data exposed

After disclosing a breach earlier this week, Stack Overflow has confirmed some user data was accessed. In case you missed it, the developer knowledge sharing site confirmed Thursday a breach of its systems last weekend, resulting in unauthorized access to production systems — the front-facing servers that actively power the site. The company gave few details, except that customer data was unaffected by the breach. Now the company said the intrusion on the website began about a week earlier and “a very small number” of users had some data exposed. “The intrusion originated on May 5 when a build deployed to the development tier for stackoverflow.com contained a bug, which allowed an attacker to log in to our development tier …