23 Jan 2020

Microsoft Exposes 250M Customer Support Records on Leaky Servers

Microsoft recently publicly disclosed a security breach that was a result of a misconfigured internal customer support database. The breach caused the exposure of approximately 250 million customer support and service records, many of which contained personally identifiable information. Microsoft stated that their investigation concluded that a change made to

Read More
22 Jan 2020

Biometric ID a worry but still acceptable to Australians

A newly published report released by the Australian Institute of Criminology (AIC) investigated Australians’ opinions on the use of biometric technologies to confirm their identity. The research concluded that the vast majority of Australians are concerned about their privacy and the storage of their biometric data. 83% of those surveyed

Read More
03 Jan 2020

California Adopts Strictest Privacy Law in U.S.

On Wednesday, California’s 2018 privacy law went into effect, making California the US state with the strictest privacy law. The law, The California Consumer Privacy Act (CCPA) includes implications like strict requirements for companies to notify users about data usage and monetization and requiring companies to offer tools for opting

Read More
19 Dec 2019

Lawmakers Demand Answers on Facial Recognition Deployments in Public Housing

On Wednesday, eight Democratic lawmakers pressed the Housing and Urban Development Department to publicly address concerns on the use of facial recognition technology on federally assisted housing facilities. The lawmakers called on the department to review its policies, claiming the current policies may violate fundamental privacy and civil liberty rights.

Read More
13 Dec 2019

Why Ring Doorbells Perfectly Exemplify the IoT Security Crisis

Recently, there has been an influx of concerning news about how Amazon stores video surveillance data from its Ring smart doorbell systems, sparking concern among consumers and experts alike. This week, reports that hackers are breaking into users’ Ring accounts have emerged. When the hacker obtains access to the Ring

Read More
04 Dec 2019

Magecart Hackers Open Fire at Smith & Wesson Customers

Digital skimming hackers targeted the website of major US gun producer Smith & Wesson, as well as their customers, over the weekend. Smith & Wesson is based out of Springfield, Massachusetts, and was attacked on Black Friday during one of the highest-grossing shopping days of the year. Smith & Wesson

Read More
02 Dec 2019

SDKs Misused to Scrape Twitter, Facebook Account Info

Twitter and Facebook warn users that software development kits (SDKs) owned by oneAudience and MobiBurn can be embedded within an app and used to extract personal information. The two SDK companies create kits that can be used by app developers to create malicious apps that request access to Twitter or

Read More
22 Nov 2019

Optus opens privacy can of worms with programmable voice play

Australian telco company Optus recently introduced a service that transcribes phone call interaction between customers and a call center officer. Seow Yoke Kong, Optus VP of IT, labeled the feature as assisting the Optus employee by taking notes from the phone call, saving them “five minutes” not having to take

Read More
21 Nov 2019

Hackers Dump 2.2M Gaming, Cryptocurrency Passwords Online

Passwords and other personal data of more than 2.2 million users were revealed as a result of dual data breaches. Users of cryptocurrency walled GateHub and gaming bot provider EpicBot were posted online despite heavy encryption. Security researcher Troy Hunt announced on Tuesday that he had uncovered databases with information

Read More
20 Nov 2019

PayMyTab Exposes Data of US Restaurant Goers

PayMyTab, a mobile payments provider, exposed the data of thousands of customers for 16 months after failing to follow security protocols on Amazon Web Services (AWS). Data exposed in the privacy breach includes personally-identifying information of customers who had requested a receipt from their dining experience be emailed or texted

Read More