The GoGet car hire service was hacked, and payment details of some customers remain at risk.
From the article: The company says it didn’t warn affected customers sooner under the advice of NSW Police, so as not to jeopardise their investigation or lead to the information being shared.
Customers have now been notified after police arrested a suspect at his NSW home yesterday and seized “computers, laptops and electronic storage devices”.
Yeah I woke to an email from them. Must have made an enquiry at some point.
The original post above makes it sound like the company was asked / advised by police, whereas the article linked in the first response states… “The company said it had chosen to hold off on notifying customers of the breach based on police advice…”
They chose profits over customers. Continual breaches are scary given metadata requirements etc these days.
By the way, to check your own email addresses or former passwords for breaches, you can go to…
You’d be surprised the problems being a white-hat hacker can cause you some years down the track when someone vindictive tells stories to the right people and neglects to mention the context. The advice I would give here is keep on good terms with people who can validate your story, which is the truth. You never know when you might need them…
I’d be tempted to ask, based on personal experience, how many companies (particularly those who outsource their internet facing hosting) ever become aware they were hacked. I reckon I could tell a couple of really juicy stories - and I bet in the bigger picture there are stories even bigger and juicier.
At least that is one thing which has improved in the last 10-15. There was a time, still this century, when you could talk until you were blue (but not police blue) in the face to police about what we now call ‘cyber crime’ and the blank look you would get equated to a ream of virgin A0. The situation has improved, and yet thankfully I don’t have those kinds of interactions anymore …
Of course, six months between hack and notification is better than Catch of the Day (which now calls itself Catch) managed - it took three years to tell anyone. Then there’s Yahoo-level embarrassment, with half-a-billion - wait, we mean three billion! - hacked accounts.
Edit: am I the only reader to find the humour in this headline stating “GoGet hacked”?
Ah yes - a growing area of research. I hear it’s quite a stimulating field. My understanding is that there are often unplanned hardware (or wetware) failures, to go with the security concerns. Not that researchers are too worried - they’ll probably get a raise for that body of work.
In total, Cubrilovic faced 39 charges including dishonestly obtaining a financial advantage, dealing with identity information to commit an indictable offence, and taking and driving a vehicle without the consent of its owner.
The vast majority of the charges were withdrawn and dismissed, with Cubrilovic pleading guilty to four charges of taking a vehicle without consent, and a single charge each of dealing with identity information and dishonestly obtaining a financial advantage.
Cubrilovic, who is out on bail, is due to front Local Court in Sydney for sentencing on 1 May.
The researcher had been due to face trial this week but changed his plea earlier this month.