Category Archives for "Security"

Microchip implants are threatening workers’ rights

Initially, the chips are being used in place of ID cards as a way of opening secure doors. But there’s good reason to think the use of implants could expand to more sinister purposes, giving employers much greater control over their workers and raising serious concerns over issues related to human dignity, ethics and health.

Full article: Microchip implants are threatening workers’ rights

E-commerce is winning as most Americans now trust online business with their data

Despite conflicting opinions about online privacy, customers choose to shop with companies that take reasonable security precautions.

Most Americans are actually willing to online shop with retailers that previously faced a security breach—if they have taken measures to secure data, according to the report. With years of conflicting news about cybersecurity threats and breaches, users have almost become desensitized to the information, the report found.

Full article: Why e-commerce is winning: Most Americans now trust online retailers with their data – TechRepublic

How Password Constraints Give You a False Sense of Security

The next time you’re forced to make a password—especially if a site requires you to use a crazy combination of uppercase and lowercase letters, or a number, or a symbol—don’t assume that these attempts at obfuscation automatically mean that your password is incredible and secure.

Full article: How Password Constraints Give You a False Sense of Security

6 mobile security threats you should take seriously in 2019

While it’s easy to focus on the sensational subject of malware, the truth is that mobile malware infections are incredibly uncommon in the real world — with your odds of being infected significantly less than your odds of being struck by lightning, according to one estimate.

However, the more realistic mobile security hazards lie in some easily overlooked areas, all of which are only expected to become more pressing in the coming year.

Full article: 6 mobile security threats you should take seriously in 2019 | CSO Online

Hackers erase 6,500 sites from the Dark Web in one attack

One of the most popular Dark Web hosting services – Daniel’s Hosting – was slaughtered last week when attackers hosed it clean of about 6,500 hidden services. The admin says they’re gone for good: he hasn’t even figured out where the vulnerability is yet.

Source: Hackers erase 6,500 sites from the Dark Web in one attack – Naked Security

Cathay Pacific case shows data breach reporting challenges

Multinational companies experiencing a major data breach face significant challenges in co-ordinating co-operation with investigating authorities around the world.

The scale of the challenge was highlighted recently when the chief executive of airline Cathay Pacific, Rupert Hogg, revealed that the company had provided details of a data breach the business first disclosed last month to 27 different authorities spanning 15 jurisdictions.

The case is an example of how the discovery of data breaches can trigger a duty to notify those breaches to not only data protection authorities and impacted customers, but financial regulators and financial markets too.

Full article: Cathay Pacific case shows data breach reporting challenges

Amazon hit with major data breach

Amazon has suffered a major data breach that caused customer names and email addresses to be disclosed on its website, just two days ahead of Black Friday.

The firm said the issue was not a breach of its website or any of its systems, but a technical issue that inadvertently posted customer names and email addresses to its website.

Source: Amazon hit with major data breach days before Black Friday

85% of companies allow employees to access data from personal devices creating security risks

A recent report from security firm Bitglass surveyed IT experts, and found that 85% of organizations enable BYOD policies, citing employee mobility (74%) and employee satisfaction (54%) as the top two reasons for allowing employees, contractors, and other related parties to bring their own devices. However, the convenience of BYOD creates a particularly large attack surface for malicious actors to harvest information from these organizations.

Source: 85% of enterprises allow employees to access data from personal devices, security risks abound – TechRepublic

Hackers are not main cause of health data breaches

Most health information data breaches in the U.S. in recent years haven’t been the work of hackers but instead have been due to mistakes or security lapses inside healthcare organizations, a new study suggests. The top cause of data breaches, accounting for 42 percent of cases and 472 incidents, was theft of equipment or information by unknown outsiders or by current or former employees, the study found.

Source: Hackers are not main cause of health data breaches | Reuters

A leaky database of SMS text messages exposed password resets and 2FA codes

A security lapse has exposed a massive database containing tens of millions of text messages, including password reset links, two-factor codes, shipping notifications and more.

The exposed server belongs to Voxox (formerly Telcentris), a San Diego, Calif.-based communications company. The server wasn’t protected with a password, allowing anyone who knew where to look to peek in and snoop on a near-real-time stream of text messages.

Source: A leaky database of SMS text messages exposed password resets and two-factor codes | TechCrunch
