Thursday 09 February 2017
Silicon, IP EXPO Manchester Media Partner, reports: Sports Direct Hides Massive 2016 Data Breach From 30,000 Employees
Security experts lambaste the retailers handling of the data breach
Sports clothing giant Sports Direct has failed to inform its customers about a major hack attack that say the personal details of 30,000 of its employees stolen.
Back in 2016 a hacker managed to exploit vulnerability in the Sports Direct employee portal content management system, which as the time was DotNetNuke, to gain access to the data.
An anonymous source tipped off The Register
to the breach and noted that the employee data was unencrypted and despite the hack taking place last September it took until December for Sports Direct to notice the breach.
Read more at http://www.silicon.co.uk/security/sports-direct-hack-205214#VcBW7cjRlh8ZLvly.99