Robin Sidel reports: Terrified by a string of recent hacks, banks are spending billions of dollars trying to fend off a faceless army of digital intruders. But the biggest threats may come from within. Banks fear a growing number of employees are unwittingly exposing valuable information to hackers or in some cases leaving digital clues that…
Category: Commentaries and Analyses
UK: Schools reported for hack attacks and data breaches avoid ICO punishment
From the get-of-jail-free dept., Freddie Whittaker reports: Dozens of schools that breached data protection rules have walked away without punishment, despite being reported to the information watchdog. New figures obtained exclusively by Schools Week show that during the past school year the Information Commissioner’s Office (ICO) dealt with 66 reports of breaches by schools of the Data…
LifeLock to Pay $100 Million to Consumers to Settle FTC Charges it Violated 2010 Order (Updated)
I had previously reported that LifeLock was negotiating to settle FTC charges that it had violated a 2010 consent order. Now it’s official. From the FTC: LifeLock will pay $100 million to settle Federal Trade Commission contempt charges that it violated the terms of a 2010 federal court order that requires the company to secure…
Hospitals Aren’t the Only Ones Bleeding Health Records
Kaveh Waddell reports on an issue near and dear to my heart: not all entities that collect or store health information are HIPAA-covered entities. Earlier this year, as one example, we saw the Systema Software leak that impacted numerous firms with a wealth of workers compensation claims. And last year, we saw many employees’ wellness data breached…
Number of leaking MongoDB databases increasing: Shodan founder
Yesterday’s news about a MongoDB database belonging to MacKeeper (Kromtech) leaking certainly got a lot of media attention. But now do read John Matherly’s comments on Shodan. Matherly, the founder of Shodan, notes that the number of available, unauthenticated instances of MongoDB has actually increased in the past few months. Of note, he explains that increase is occurring…
Despite warnings earlier this year, tens of thousands of databases continue to leak (update1)
Back in February, some students from the Centre for IT-Security, Privacy and Accountability (CISPA) at Saarland University, Germany made headlines when they reported that they had found approximately 40,000 MongoDB Databases exposed on Port 27017, a port that is open by default in a MongoDB Database installation. Anyone who searches Shodan would be able to easily locate such leaking databases. So what happened after they…