Ankush Johar writes, in part: The government claimed that Aadhaar is completely secure, and the data of the consumers was absolutely safe from any malicious party until a severe flaw was detected in the system. The bug allowed a malicious operator to save a user’s biometrics and simply use it to carry out transactions on…
Category: Commentaries and Analyses
Computer hacking victims to receive up to £6,000 compensation for ‘distress’ caused by cyber crime, under new plans
Not the most technical/legal explanation of the new EU regs, but this Daily Mail piece by Ben Ellery does convey some of what is concerning businesses: Computer hacking victims will be able to claim thousands of pounds in compensation under new laws – even if they do not lose any money. The ‘distress’ they suffer…
Kromtech Security Center Releases Tool to Identify and Prevent Data Leaks for Amazon S3 Users
Since 2015, this site has been reporting on data leaks due to misconfigured databases or devices that are indexed on shodan.io or other specialized search engines. Many of the leaks I have reported on involve AWS S3 buckets. And despite the fact that Amazon has issued reminders and guidance to its customers about securing buckets,…
Protenus releases its Breach Barometer report for September
You can access their report here. Once again, we saw insider wrongdoing breaches taking a long time to discover. Hacking accounted for 50% of the 46 breaches we recorded for the month, and eight of the hacks also involved extortion demands. If you’re thinking, “That sounds like TheDarkOverlord,” give yourself a pat on the back….
UK: NHS data loss scandal deepens with further 162,000 files missing
Rajeev Syal and Denis Campbell report: The scandal over the biggest ever loss of NHS medical correspondence has deepened with the revelation that a further 162,000 documents went missing, in addition to the 702,000 pieces of paperwork already known to have gone astray. MPs said they were “dumbstruck” to learn that even more material relating…
Chase Brexton Health Care notifies more than 16,000 patients after phishing incident
Chase Brexton Health Care in Maryland recently notified 16,562 patients after four employees fell for a phishing attack. The phishing emails were sent on August 2 and 3, and by August 4, the attackers had re-routed employees’ paychecks. Of note, there was no evidence that the attackers were seeking – or ever accessed or viewed –…