SHIELDing Your Personal Information
Well, this is interesting: This is the second week in a row with data breaches involving both encrypted passwords and digital “account tokens,” which connect to third party services. In this regard, news compiler Flipboard’s recent breach does sound somewhat like Canva’s. Though it’s not yet clear how, Flipboard has announced the unauthorized access of… Read More
Don’t make hackers famous at your expense
A hacker known as GnosticPlayers has now totaled over 1 billion stolen user credentials from 45 companies, according to ZDNet. Usually, we don’t mention specific hackers in our coverage of data security incidents. For one thing, there often isn’t a clear culprit. Even when there is, however, naming them would hardly stir recognition in most… Read More
What can your grocery list tell hackers about you?
One recent social media phenomenon that straddles the line between funny and creepy is how various companies use their accounts. Whoever runs their Twitter, for instance, will generally tweet in the first person, as if the business is a person. Sometimes two or more profiles will even engage in some fashion with each other, like… Read More
No rest for health care on data security
Making the rounds last week was Verizon’s 2019 Data Breach Investigations Report. Analyzing over 41,000 security incidents and over 2,000 data breaches during 2018, the study examines the state of affairs across industries. One interesting figure to note is that well over half of data breaches in health care are caused by insiders; but in… Read More
What are the financial costs of a data breach?
It has been a while since we last examined what sort of financial costs companies were enduring due to data breaches. As it happens, they’re finding out that information for themselves. In the news this week are examples of a few such penalties. A 2016 breach is now costing retailer Eddie Bauer a $9.8 million… Read More
Mystery database breach – Could you be one of the 80 million exposed?
Here’s a data breach mystery. It isn’t often that we see a major breach and yet not know for sure who has been affected. Yet that is exactly what we have here, in a story that’s been trending this week, when researchers discovered a 24GB database on an unsecured Microsoft Azure cloud server. Although the… Read More
How to best respond to a data breach
Did you make a resolution to join a gym in 2019? That’s probably the generic go-to pledge. If you did, however, and if you ever bought equipment from Bodybuilding.com’s online store, your data might have been put at risk. We often see how an organization’s employees can be the weakest link in the security chain,… Read More
Breaches at Microsoft and the Federal Government
It has been a hectic week for cybersecurity. I can’t even begin by saying “the big news you might have heard about is,” because that could apply to at least two separate things. This past weekend, Microsoft disclosed a data breach of its Outlook, Hotmail and MSN systems. Although no passwords or email content were… Read More
Potential legislation for corporate data negligence?
Congress is sure going for the throat on this one. Though it is unlikely to pass, Sen. Elizabeth Warren has proposed legislation that would allow for jail time for executives in cases of corporate fraud and negligence. This Corporate Executive Accountability Act (CEAA) seeks to circumvent what its proponents perceive as a traditional lack of… Read More
Big Data, Collected and Shared
The recent announcement from the Federal Emergency Management Agency (FEMA)—about accidentally revealing banking and other personal information on over 2 million people—is yet another example of insecure data sharing, and how different groups might respond differently to the risks of big data. Many survivors of the various major hurricanes and the California wildfires over the… Read More