Archive - Data Breaches RSS Feed

3 Truly “Free” Privacy Protection Resources

privacylostThe fact is…. we live in a post-privacy era!

Daily headlines around the world confirm our greatest fears about privacy being an “endangered species”.  As most folks who reside in cyber-space already know, privacy as we knew it is dead!

Data breaches including Anthem, Sony, Home Depot, Target, JP Morgan/Chase, Uber and the U.S. Defense Department, remind us that even those with virtually unlimited financial resources cannot contain this fire.

These breaches leak our vital information and place it into the hands of fraudsters around the globe. The risks are often referred to as “asymmetrical”, because our exposure is much greater than an anonymous thief’s chances of getting caught.

Open source software and NSA oversight have left privacy advocates gasping for air in search of our long lost right to God-given privacy. Even Adam and Eve had fig leaves and loin cloths, but because of the delicate balance between privacy and security, our modern back doors are open and the front doors are open too!

Here are 3 terrific free privacy protection resources which the unscrupulous “privacy peddlers” can’t charge for. Continue Reading…

9 Steps To The Target Hack

TargetStore.jpgBlack Friday 2013 was the beginning of a crazy shopping season for consumers and hackers alike.

Consumers snapped up holiday shopping deals across the retail spectrum and hackers snapped up the data from credit card magnetic strips. A good time was had by all.

Security experts have now begun to piece together the identities and methods of the actors behind the Target breach.

The stolen data began popping up for sale in black market underground chat rooms almost immediately, just like fresh caught fish that needs to be purchased and consumed it before it begins to stink!

Fearless former Washington Post columnist Brian Krebs, was the first to report on the breach. Krebs has been infiltrating and reporting on criminal activities in underground online chat rooms since 2005.

According to Krebs:

“Key information that informs some of my best scoops is just as likely to come from people actively engaged in cybercrime as it is industry experts working to fight fraud. So, once again, a sincere thank you to all of my readers — lovers and haters alike.”

The investigators’ reports are in. I’m a risk management guy, not a computer engineer so here’s a layman’s list of 9 steps revealing: “How the attackers did it”. Continue Reading…

Why Cyber Threats Will Grow In 2014

speedometer of the new yearHoping for a brighter, more profitable 2014? Cyber crooks are too!

But despite growing security awareness in businesses and at home, experts predict that we’re in for an even larger privacy battle in 2014.

As the recent Target data breach (and the subsequent flooding of personal data onto the internet black market) is proving, cyber attacks are BIG business.

Steve Wexler is a technology and security journalist at IT-TNA (IT Trends & Analysis). In a recent article published in PC World magazine, Wexler commented: “One would expect doom and gloom forecasts from security vendors – and IT industry analysts – and you won’t be disappointed.

In his IT-TNA blog, Wexler cites fear as one of the contributing factors for increased vulnerability: Continue Reading…

New Study Verifies Uptick In ID Theft

Upward TrendFor those who continue to ignore the threat of identity theft, listen up.  It’s getting serious. Really!

Not only is financial crime growing by leaps and bounds, but we are entering a new age of breaches, hacks, mischief-ware (great new word) and privacy vulnerability.

The once encouraging two-year downward trend has now dramatically reversed itself  and is headed into dangerous new territory according to the folks at Javelin Strategy and Research.

An unnerving 12.6 million Americans were victimized by ID Theft in 2012, up dramatically from 2011. New account fraud made up the largest percentage of reported crimes, by targeting the personal information of victims and opening new credit cards and other kinds of loans. Continue Reading…

How To Protect Your Business Data

Remember the arcade video game Space Invaders? Cyber-threats can also invade unexpectedly from every direction.

We’ve all heard about the threats which originate from outside your organization. Insider threats come in many varieties as well, some accidental and some quite intentional.

Hacks, viruses and plain-old corporate malfeasance can render your network vulnerable and even bring your business to a grinding…….halt.

I thought this would be good time to share some best practices that can help you get a better grip on your organization’s data security. Additional tips can be found for PC users at Microsoft’s security website. Recent security updates for Mac users can be found here.

Please take a moment to read through this list and get answers to any of the questions you cannot respond to with certainty.

  • Is anti-virus software installed and regularly updated throughout your network?
  • Is there a firewall in place to help prevent intrusion from the outside?
  • Is your data backed up regularly? Continue Reading…

Latest Credit Card Breach Alert

Last week, MasterCard and VISA rang the alarm bell to warn banks and credit unions across the country about a new data breach discovered in March.

It seems that Atlanta-based credit card processor Global Payments Inc. has been the victim of a potentially significant data breach, reminiscent of the Heartland Payment Systems breach in 2009.

The size and scope remain to be seen in comparison to that of earlier massive breaches. Heartland’s breach reportedly exposed in excess of 130 million accounts, while the Global Payments breach is estimated (by company officials) to involve about 1.5 million accounts.

Global Payments Chairman and Chief Executive Paul Garcia says his company is ” working around the clock literally”, to get back into good standing with VISA, who removed the card processing company from their list of approved vendors.

Security experts warn that this breach is a reminder that no single layer of protection is sufficient to keep data safe from today’s most determined and sophisticated financial criminals. It is also sobering to keep in mind that many intruders are insiders who may already have full-access to consumer’s so-called KBA (knowledge-based authentication) secrets. Continue Reading…

STD’s and Your Private Data

I can’t recall if it was high school science class or later in life that I learned the health benefits of sexual abstinence before marriage.

“Wait, what do STD’s have to do with my private data?” Here is the connection.

The safety message to my generation was a stern warning and more than a few follow-up reminders that if we engaged in pre-marital relations, we were being physically linked to every person our partner had ever been with and so on and so on. Get the picture? And so on…..

The safety message in our digitally wired, overly connected world is that the financial institutions, internet providers, cell providers and other merchants we do business with are presumed to be keeping our data safe.

Despite our safety assumptions we are still “connected” to every other entity our vendors have done business with…despite their potentially nasty viruses, bad privacy-protection habits, corrupt employees and other menacing threats resulting from our mutual connectivity.

If you own a smart phone, a laptop, a Mac, a PC, a new iPad, a flash drive, a game console or just about any connected device, you’d better button up because you could easily catch more than a cold.

Even if you don’t own one of the devices just mentioned, guess where much your personal data resides? It resides on someone else’s device of course.

In an interview with the folks at Bank Info Security, The Identity Theft Resource Center reports: Continue Reading…

Who’s Afraid Of The Big Bad Wolf?

Ol’ Blue Eyes is back…. and he’s not Frank Sinatra.

In my last post, we discussed this wolf’s current barrage of savage and relentless attacks on private data repositories.

The crimes range from the theft of individual NPPI ( Non Public Personal Information), to raids on corporate data,  to the recent malicious hack into servers at the Central Intelligence Agency.

The culprits could basically be described and motivated in one of three ways:

  • Criminal tricks – Thieves
  • Juvenile kicks –  Hackers
  • Rogue politics –  Enemies

We went on to look at the observations of two of the world’s leading privacy/security thought leaders (Bruce Schneier and Mikko Hypponen) discovering that they not only acknowledge the on-going war, but they are eager to explain the modus operandi  and general motivation that drives each of these blood-thirsty intruders. Continue Reading…

Is Your Smartphone Safe From Hackers?

With the recent phone-hacking crisis at News Corporation and the emotional testimony of the company’s top executives including Chairman Rupert Murdoch, now might be a good time to do what you can to secure your own cellphone whether it is a  smartphone or not.

Analysts at Gartner estimate that one in six people now own or have access to a smart phone. The importance of protecting and maintaining the integrity and privacy of both your personal and business data cannot be overstated. Once it’s gone, your data takes on a new life of its own on the worldwide underground  black market.

The variety of ways we engage with and consume online entertainment and information has changed in just the past two years, thanks to the demand for and availability of a torrent of on-demand mobile content.

While  the good guys work to develop new feature-rich applications for us to consume, the bad guys are just as busy trying to gain access for a number of reasons:   Continue Reading…

Global Spear-Phishing: A New Threat

While Charlie Sheen maniacally pronounces his  self induced “winning” status to a saddened, bewildered and exhausted fan base, another  growing menace actually seems poised for “winning”.

Consumers got a wake up call on two fronts with the disclosure of the massive Epsilon Interactive data breach last week.

Our  first wake up call stems from the sheer length of the  list of companies who utilize Epsilon’s email  service to reach their customers.

The second wake up call is the reality that so many trusted brands outsource our names and email addresses to a third party  email service provider (ESP)  who has now been exposed as functionally incapable of protecting the  private personal data that was entrusted to them.

The truth is that there is nothing you or I can do to prevent these leaks when the repository for our data is in the hands of other people.

According to the consumer advocacy group Cauce, the following  financial institutions were affected by the breach: Continue Reading…

Page 1 of 212»