Mystery database breach – Could you be one of the 80 million exposed?

Here’s a data breach mystery.  It isn’t often that we see a major breach and yet not know for sure who has been affected.  Yet that is exactly what we have here, in a story that’s been trending this week, when researchers discovered a 24GB database on an unsecured Microsoft Azure cloud server.  Although the… Read More

How to best respond to a data breach

Did you make a resolution to join a gym in 2019?  That’s probably the generic go-to pledge.  If you did, however, and if you ever bought equipment from’s online store, your data might have been put at risk.  We often see how an organization’s employees can be the weakest link in the security chain,… Read More

Breaches at Microsoft and the Federal Government

It has been a hectic week for cybersecurity.  I can’t even begin by saying “the big news you might have heard about is,” because that could apply to at least two separate things.  This past weekend, Microsoft disclosed a data breach of its Outlook, Hotmail and MSN systems.  Although no passwords or email content were… Read More

Potential legislation for corporate data negligence?

Congress is sure going for the throat on this one.  Though it is unlikely to pass, Sen. Elizabeth Warren has proposed legislation that would allow for jail time for executives in cases of corporate fraud and negligence. This Corporate Executive Accountability Act (CEAA) seeks to circumvent what its proponents perceive as a traditional lack of… Read More

Big Data, Collected and Shared

The recent announcement from the Federal Emergency Management Agency (FEMA)—about accidentally revealing banking and other personal information on over 2 million people—is yet another example of insecure data sharing, and how different groups might respond differently to the risks of big data. Many survivors of the various major hurricanes and the California wildfires over the… Read More

Educating Students on Cybersecurity

Recently checking my old high school’s website, curious how much the curriculum had changed, I was impressed by the differences I found.  Among other new additions, there were even several tech/computer courses that my class definitely was not offered.  Of course, this is a much more recent trend, and other schools have followed suit. What… Read More

Encryption as Part of the Defense Strategy

I always take slight issue with data security articles that say in the title that encryption won’t protect against breaches.  To me it’s a little misleading.  It carries the implication that encryption is almost unnecessary, when that’s not what the article actually goes on to say.  Quite the opposite.  Rather, what they invariably mean is… Read More

Cybercrime targeting your kids and your DNA

Part of this blog’s purpose is to keep people up to date with the latest threats from cyber criminals.  Naturally, when we find mention of a trend neglected by the research community, I feel obligated to give it what small signal boost I can.  In this case, it’s in the field of biotech, and new… Read More

How Do You Prioritize Security?

It’s no secret by now that cybersecurity often falls on a lower rung of priorities for companies.  Developers of an application, for example, are most interested in facilitating the best, most convenient experience for customers as possible.  Security can, in comparison, fall by the wayside.  But in failing to sufficiently keep their data safe, can… Read More

Taking Customer Privacy Seriously

One interesting little statistic I noticed comes from Zack Whittaker.  In the wake of a data breach, he discovered that there’s one common response companies will usually trot out for their customers or users.  “We take your privacy and security seriously,” or some variation of the phrase.  Out of 285 data breach notifications examined, he… Read More