We spent a good amount of time in the cybersecurity forum today talking about the Equifax breach. Here’s a summary of some of their key failures, reported by Josh Fruhlinger and based on A U.S. General Accounting Office’s report, and an in-depth analysis from Bloomberg Businessweek. Here are just two of the findings, as reported by Fruhlinger:…
Category: Business Sector
Report: MCMC ends contract with company after massive 2017 phone data leak
Azril Annuar reports: The Malaysian Communications and Multimedia Commission (MCMC) has terminated the services of a firm hired back in 2017 to protect the personal data of mobile phone users. Thus comes after the personal data of the users, including details such as MyKad numbers were reportedly leaked by the same company. Online portal Malaysiakini reported that…
Mum ‘realises any fingerprint can unlock her Samsung’ with eBay screen protector
Shivali Best reports: A mum in West Yorkshire says she was shocked to discover any fingerprint could unlock her Samsung smartphone after she’d fitted a £2.70 screen protector . Lisa Neilson, 34, from Castleford, bought the cover from eBay in the hopes of protecting her Galaxy S10 smartphone. However, once she’d set up her right and left thumb prints to unlock the smartphone,…
Click2Mail issues statement to customers, acknowledges hack (updated)
As reported first by DataBreaches.net, Click2Mail was investigating allegations that they had had a breach. They have now responded to this site’s inquiry on October 4th with a copy of the statement they are sending out to all customers today, below. Update: In a follow-up communication, Lee Garvey, President and CEO of Click2Mail, informs this…
Imperva blames data breach on stolen AWS API key
Catalin Cimpanu reports: Cyber-security firm Imperva published today a detailed post-mortem report of a security breach the company disclosed two months ago, in August. The company blamed the security breach on an Amazon Web Services (AWS) API key a hacker stole from an internal system that was left accessible from the internet. Read more on ZDNet.
JustDial fixes bug that allowed hackers access
The Economic Times reports: Local search service JustDial was found to contain a security flaw, through which a user account could potentially be hacked, but the company managed to rectify it in a day. A cyber security researcher, Ehraz Ahmed, uncovered the vulnerability, which was first reported by moneycontrol.com. Read more at Economic Times.