The Auburn University breach involving the exposure of information just got worse, in my opinion. Erin Edgemon reports that some of the people who had their data exposed not only never attended Auburn, but never even applied there. Not surprisingly, they would like to know how Auburn got personal information about them that wound up exposed. But Auburn reportedly…
Category: Commentaries and Analyses
Have you googled your site to see if you’ve been hacked?
It’s 2015, and too many entities still don’t seem to know to do Google searches or Pastebin searches on themselves to find out if they’ve been hacked or their data dumped somewhere. There’s no way this blog can report on them all or even alert them all, but one of today’s examples is WAYEB, the European Association…
UK: Financial firms are responsible for data trading
Tony Hazell nails it in a column that begins: The revelation that intimate financial and medical details are being sold to firms with dubious intentions should have sent shockwaves through the financial community. But it probably will not. The Daily Mail last week revealed that financial details were being sold for as little as 5p…
Where Stolen Data Goes After Breach: An Experiment
Michael Perrault reports: Where does stolen data go after a breach? Silicon Valley-based data protection company Bitglass conducted an experiment showing that a single stolen document, with multiple data, traveled to 22 countries, was viewed 1,081 times and was downloaded 47 times over a dozen days. Some activity was connected to crime syndicates in Nigeria…
Should security providers be held liable for data breaches?
Krishna Bahirwani reports: Black Hat Asia ended with a discussion started by Black Hat founder Jeff Moss on if security providers, should be held liable for data breaches, because of the critical data they claim to “secure”. The recent number of hacking incidents everywhere have made this a widespread issue and security professionals worldwide have…
Employees have no qualms in selling corporate passwords
Taylor Amerding reports: Plenty of people are careless with their own personal passwords – using the same one for multiple sites, and/or making them so simple that they are comically easy to crack – but hardly anyone would intentionally sell them for a few bucks to someone they know would use them to do them…