Two third-party Facebook application developers exposed users' personal information by leaving the data exposed without a password in unsecured Amazon Web Services S3 buckets, researchers from UpGuard say. One data set contained 540 million unsecured records, the report found.
Vendor risk management must be a higher priority in all business sectors and must extend beyond security to include privacy, says Kabir Barday of OneTrust.
Buyer beware: A new study shows used USBs offered for sale on eBay and elsewhere may contain a wealth of personal information that could potentially be used for identity theft, phishing attacks and other cybercrimes.
Britain's intelligence establishment warns that Chinese networking giant Huawei's "software engineering and cybersecurity processes" continue to be beset by unresolved "defects" and that improvements promised by the manufacturer have yet to be seen.
Brad Smith, Microsoft's chief legal officer, says Australia's encryption-busting law is causing companies and governments to look elsewhere to store their data. Microsoft hasn't changed it own local operations yet, but other companies say they're no longer comfortable storing data there, he says.
Victims of hurricanes, wildfires and other disasters now face a second hit: The U.S. Federal Emergency Management Agency inadvertently shared 2.3 million disaster survivors' personal data of with an agency contractor, leaving victims at increased risk from fraud and identity theft.
Karl Racine, the attorney general for Washington, D.C., is looking to strengthen the District's data breach laws, specifically by offering greater protection for consumers and holding businesses accountable when they are breached or lose data.
Facebook has corrected an internal security issue that allowed the company to store millions of user passwords in plaintext that were then available to employees through an internal search tool.
An unprotected database belonging to Chinese e-commerce site Gearbest exposed 1.5 million customer records, including payment information, email addresses and other personal data for customers worldwide, white hat hackers discovered.
A funny thing happened on the way to dark web intelligence-gathering: Some organizations began to amass and share a lot of private information, potentially in violation of privacy regulations and industry rules, says Danny Rogers, CEO of Terbium Labs.
In the wake of the EU's GDPR and other legislation, privacy suddenly is the hot topic within enterprises and governments alike. A panel of experts discusses the privacy imperative and what it means for security.
Facebook's data deals continue to be probed. A criminal investigation of Facebook by federal prosecutors in New York has resulted in records being subpoenaed "from at least two prominent makers of smartphones and other devices," the New York Times reports.
Retired RSA Chairman Art Coviello is optimistic about the rise of privacy and the progression in how enterprises secure their critical, expanded networks. But he also has significant concerns.
If you had to guess what day of the week a hacker will hit your organization, the answer might seem obvious: Hackers prefer to strike on Saturday. And a review by Redscan of cybersecurity incidents reported to Britain's privacy regulator before GDPR took effect confirms it.
The "right to be forgotten" is a critical component of the EU's GDPR, but requirements vary widely globally. Mike Kiser of SailPoint discusses related identity governance issues.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.