What can your grocery list tell hackers about you?
One recent social media phenomenon that straddles the line between funny and creepy is how various companies use their accounts. Whoever runs their Twitter, for instance, will generally tweet in the first person, as if the business is a person. Sometimes two or more profiles will even engage in some fashion with each other, like… Read More
No rest for health care on data security
Making the rounds last week was Verizon’s 2019 Data Breach Investigations Report. Analyzing over 41,000 security incidents and over 2,000 data breaches during 2018, the study examines the state of affairs across industries. One interesting figure to note is that well over half of data breaches in health care are caused by insiders; but in… Read More
What are the financial costs of a data breach?
It has been a while since we last examined what sort of financial costs companies were enduring due to data breaches. As it happens, they’re finding out that information for themselves. In the news this week are examples of a few such penalties. A 2016 breach is now costing retailer Eddie Bauer a $9.8 million… Read More
Mystery database breach – Could you be one of the 80 million exposed?
Here’s a data breach mystery. It isn’t often that we see a major breach and yet not know for sure who has been affected. Yet that is exactly what we have here, in a story that’s been trending this week, when researchers discovered a 24GB database on an unsecured Microsoft Azure cloud server. Although the… Read More
How to best respond to a data breach
Did you make a resolution to join a gym in 2019? That’s probably the generic go-to pledge. If you did, however, and if you ever bought equipment from Bodybuilding.com’s online store, your data might have been put at risk. We often see how an organization’s employees can be the weakest link in the security chain,… Read More
Breaches at Microsoft and the Federal Government
It has been a hectic week for cybersecurity. I can’t even begin by saying “the big news you might have heard about is,” because that could apply to at least two separate things. This past weekend, Microsoft disclosed a data breach of its Outlook, Hotmail and MSN systems. Although no passwords or email content were… Read More
Potential legislation for corporate data negligence?
Congress is sure going for the throat on this one. Though it is unlikely to pass, Sen. Elizabeth Warren has proposed legislation that would allow for jail time for executives in cases of corporate fraud and negligence. This Corporate Executive Accountability Act (CEAA) seeks to circumvent what its proponents perceive as a traditional lack of… Read More
Big Data, Collected and Shared
The recent announcement from the Federal Emergency Management Agency (FEMA)—about accidentally revealing banking and other personal information on over 2 million people—is yet another example of insecure data sharing, and how different groups might respond differently to the risks of big data. Many survivors of the various major hurricanes and the California wildfires over the… Read More
Educating Students on Cybersecurity
Recently checking my old high school’s website, curious how much the curriculum had changed, I was impressed by the differences I found. Among other new additions, there were even several tech/computer courses that my class definitely was not offered. Of course, this is a much more recent trend, and other schools have followed suit. What… Read More
Encryption as Part of the Defense Strategy
I always take slight issue with data security articles that say in the title that encryption won’t protect against breaches. To me it’s a little misleading. It carries the implication that encryption is almost unnecessary, when that’s not what the article actually goes on to say. Quite the opposite. Rather, what they invariably mean is… Read More