Asheeta Regidi reports: The government is pushing very strongly for a cashless society. After the demonetisation move, several initiatives have been seen to further encourage going cashless. The latest of these is the Ministry of Urban Development’s direction for all Urban Local Bodies to shift to e-payments. While cashless transactions are a convenience and the…
Category: Commentaries and Analyses
Sadly, SQL injection attacks never go out of style – or effectiveness
“Kapustkiy,” a self-described teenager who has been using SQL injection attacks on a number of government sites, today dumped some data from the National Assembly of Ecuador. There were 655 email addresses and passwords in his public paste, although the list contained some duplicates. As he has done in the past, and as he informed this site…
NaMo app non-hack is a small fry; tech security on govt apps is even worse
Srinivas Kodali writes: In the wee hours of December 1, 2016, Javed Khatri, a 22-year-old programmer (note: not a hacker) discovered a common security vulnerability/bug in the Narendra Modiapp. Khatri was able to access the personal information of every registered user of the application through this vulnerability. After sending out a tweet (below) to Modi to report…
A Failed Strategy: Another Derivative Action In A Data Breach Case Goes Down To Defeat
Kevin M. McGinty of Mintz Levin writes: An attempt to impose liability on corporate officers and directors for data breach-related losses has once again failed. On November 30, 2016, a federal judge in Atlanta issued a 30 page decision dismissing a shareholder derivative action arising out of the September 2014 theft of customer credit card data…
Your VISA Credit Card Can Be Hacked In Just Six Seconds: Study
Press Trust of India reports: It may take as little as six seconds for hackers to guess your credit or debit card number, expiry date and security code, say scientists who were able to circumvent all security features meant to protect online payments from fraud. Exposing the flaws in the VISA payment system, researchers from…
Study Finds Companies May Do Too Much For Data Breach Victims
Joseph J. Lazzarotti writes: A recent study at the University of Arkansas suggests that organizations should avoid doing too much for individuals affected by a data breach. That is, when organizations provide compensation to breach victims that exceeds the victims’ expectations it could backfire. Those victims may become suspicious, thinking the organization has something to hide, which…