Friday, December 24, 2010

Data security breach at the North Pole! Santa's Naughty/Nice list compromised - - 24 Dec 2010

Following attacks on Gawker, Walgreens and McDonalds, it seems hackers have set their eyes on a new target: Santa!

Reports from the North Pole have confirmed that Santa's Naughty/Nice list has been compromised.

The list is said to contain the name, stocking address and naughty/nice score (the child equivalent of a credit score) of every child on earth. Absent from the leaked data is the "What I want for Christmas" list which is said to be stored in a separate database.

While St. Nick is not commenting on how the leak occurred, an insider elf mentioned a spear phishing campaign a few days ago promising milk and cookies after logging in to a suspicious site.

In the meantime, Santa is asking children to reset the password on their stockings. Santa's workshop has also set up a hotline for children who get coal in their stockings on Christmas day due to any mix up.

This attack and others are a reminder to all that sending spam will land you on the naughty list, even if you manage to get a copy of that list.

by SophosLabs

No comments: