fbpx

Download free GDPR compliance checklist!

Tag Archives for " passwords "

Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents

A leading UK software company exposed personal information and legal documents belonging to over 190 law firms through a data leak from an unsecured online database.

The information exposed by the data breach included details belonging to the staff of the law firms. The information uncovered in the data leak could be deemed sensitive or special and included details such as hashed passwords, legal documents, passport numbers, mother’s maiden name, and eye colors. The law firms affected had both their “primary” and “form” data leaked.

Source: Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents – CPO Magazine

UK looks to replace passwords with biometric technology to reduce NHS login time

The U.K. government is investing £40 million (USD$52 million) in multi-factor authentication technology to upgrade NHS staff computer login system and reduce employee login time, which has reportedly brought great stress and dissatisfaction among staff members.

The system will focus on a partnership with IT system suppliers to replace password logins with biometric multi-factor logins such as fingerprint access, making sure trusts comply and update processes so that staff is granted the access permission needed, and merging local with national system so healthcare facilitators can access all clinical and workforce systems. The upgrade will not only save time logging into different IT systems, but it will also boost infrastructure security.

Source: UK looks to replace passwords with biometric technology to reduce NHS login time | Biometric Update

Study finds consumers would choose biometric authentication over passwords

Passwords are a double-edged sword: they are meant to protect information, but they are also frustrating with so many to remember and manage.

A recent Visa survey showed that 68% of U.S. shoppers have abandoned an online purchase due to forgetting a password, trouble logging in, or issues receiving a one-time passcode.

According to Visa, more than half of credit cardholders who responded to the survey (53%) say they would switch banks if their current doesn’t offer biometric authentication options.

Source: #Privacy: Study finds consumers would choose biometric authentication over passwords

170m passwords stolen in Zynga hack, monitor says

Words With Friends company admitted hack in September but size only now revealed.

More than 170m usernames and passwords were stolen from the company behind Words With Friends in a hack this year. The information accessed by the hacker included email addresses, usernames and passwords stored in securely. The dump also included some Facebook IDs and phone numbers for users who had provided that information to the company.

Source: 170m passwords stolen in Zynga hack, monitor says | Games | The Guardian

Over 21 million stolen login credentials found on the dark web

Stolen login credentials from Fortune 500 companies have been found in numerous places on the dark web, many of which are available in plaintext form.

Amid the 21 million records exposed, it is noted that only 4.9 million of them were fully unique passwords, suggesting that many users have identical or similar passwords. 16 million of them being compromised during the last 12 months.

Source: State of Stolen Credentials in the Dark Web from Fortune 500 Companies | ImmuniWeb Security Blog

Microsoft: Using multi-factor authentication blocks 99.9% of account hacks

Old advice like “never use a password that has ever been seen in a breach” or “use really long passwords” doesn’t really help.

Microsoft says that users who enable multi-factor authentication (MFA) for their accounts will end up blocking 99.9% of automated attacks.

The recommendation stands not only for Microsoft accounts but also for any other profile, on any other website or online service.

Source: Microsoft: Using multi-factor authentication blocks 99.9% of account hacks | ZDNet

Irish data regulator looking into Facebook password gaffe

Ireland’s Data Protection Commission (DCP) has confirmed it’s looking into the hundreds of millions of passwords that Facebook stored without encryption.

The social network notified the regulator that user passwords for Facebook, Facebook Lite and Instagram were stored in plain text in the company’s internal servers.

Source: Irish data regulator looking into Facebook password gaffe | IT PRO

Facebook app developers leaked millions of user records on cloud servers

Facebook app developers left hundreds of millions of user records exposed on publicly visible cloud servers.

The larger of the two data sets came from a Mexican media company called Cultura Colectiva. A 146GB data set with information like Facebook user activity, account names, and IDs was found that included more than 540 million records, the researchers said.

A similar data set was also found for an app called “At the Pool.” While smaller, the latter included especially personal information, including 22,000 passwords apparently used for the app, rather than directly for Facebook.

Source: Facebook app developers leaked millions of user records on cloud servers, researchers say – The Verge

Study shows programmers will take the easy way out and not implement proper password security

In an experiment that involved 43 programmers hired via the Freelancer.com platform, University of Bonn academics have discovered that developers tend to take the easy way out and write code that stores user passwords in an unsafe manner.

For their study, the German academics asked a group of Java programmers to write a user registration system for a fake social network. The results show that the level of understanding of what “secure passwords” mean differs greatly in the web development community.

Paying developers higher rates didn’t help considerably, researchers said. However, the research team found that giving programmers specific instructions to implement a secure password storage system did yield better results than not saying anything at all and then expecting developers to think of security by themselves.

Source: Study shows programmers will take the easy way out and not implement proper password security | ZDNet

1 2 3 5
>