Are Companies Doing Enough to Secure PII? I Spoke With Security Expert Frank Abagnale to Find Out

For the enterprise responsible for protecting customers’ PII, should passwords be stored at all — even encrypted?

The post Are Companies Doing Enough to Secure PII? I Spoke With Security Expert Frank Abagnale to Find Out appeared first on Security Intelligence.

Continue reading Are Companies Doing Enough to Secure PII? I Spoke With Security Expert Frank Abagnale to Find Out

Unprotected Database Exposes Personal Info of 80 Million American Households

A team of security researchers has claims to have found a publicly-accessible database that exposes information on more than 80 million U.S. households—nearly 65 percent of the total number of American households.

Discovered by VPNMentor’s research te… Continue reading Unprotected Database Exposes Personal Info of 80 Million American Households

Millions of records about Middle Eastern drivers left in an insecure database

Records containing sensitive information on perhaps millions of Iranian drivers was left unsecured in a publicly available database for days, according to security research published Thursday. More than 6.7 million records from 2017 and 2018 were estimated to be exposed in a database discovered by researcher Bob Diachenko. Information included drivers’ first and last names, their Iranian ID numbers stored in plain text, their phone numbers, and other data such as invoice information. The data is now secured, Diachenko told CyberScoop. The actual number of people affected in the breach is likely less than 6.7 million, Diachenko explained, because the database contains multiple files referring to the same people. While the origin of the data remains unclear, Diachenko suggested it may have been stolen from the Iranian ride-hailing companies Snapp and/or TAP30. “[W]e can only guess if this data was part of their infrastructure,” he wrote in a post published Thursday. […]

The post Millions of records about Middle Eastern drivers left in an insecure database appeared first on CyberScoop.

Continue reading Millions of records about Middle Eastern drivers left in an insecure database

Third-party Facebook apps left people’s data publicly exposed, researchers say

Two separate exposures of sensitive information about Facebook users are the latest alarming discoveries by researchers at UpGuard. In both cases, the operators of third-party apps that connected to Facebook were storing data about people in Amazon Web Services S3 buckets configured for public access, said UpGuard, a Silicon Valley-based security company known for identifying misconfigured cloud services. One database originated with Mexico-based Cultura Colectiva, while the other was stored by the makers of an app called “At the Pool.” Both had been secured by Wednesday, UpGuard said. The Cultura Cultiva is the bigger of the two exposures, including 146 gigabytes of information about comments, likes, reactions, account names, Facebook IDs and more, UpGuard said. The “At the Pool” discovery, while not nearly as large, “contains plaintext (i.e. unprotected) Facebook passwords for 22,000 users,” UpGuard said. The company appears to have ceased operation in 2014, but this “should offer little consolation to the app’s end users whose […]

The post Third-party Facebook apps left people’s data publicly exposed, researchers say appeared first on CyberScoop.

Continue reading Third-party Facebook apps left people’s data publicly exposed, researchers say

Georgia Tech Data Breach Exposes 1.3 Million Users’ Personal Data

The Georgia Institute of Technology, well known as Georgia Tech, has confirmed a data breach that has exposed personal information of 1.3 million current and former faculty members, students, staff and student applicants.

In a brief note published Tue… Continue reading Georgia Tech Data Breach Exposes 1.3 Million Users’ Personal Data

Network chief allegedly tries to extort $750,000 from former employers

After getting fired from his job as a director of infrastructure services, a Statesville (NC) man decided to try an extort his employers by threatening to release customers’ private information to the mainstream. Court papers don’t mention … Continue reading Network chief allegedly tries to extort $750,000 from former employers

Developing a Security Plan Around Consumer Data Privacy Concerns

The onus to meet the challenge of consumers’ security and privacy expectations is on the enterprise. Developing a security plan around consumer concerns is a good first step.

The post Developing a Security Plan Around Consumer Data Privacy Concerns appeared first on Security Intelligence.

Continue reading Developing a Security Plan Around Consumer Data Privacy Concerns

Airbus Suffers Data Breach, Some Employees’ Data Exposed

European airplane maker Airbus admitted yesterday a data breach of its “Commercial Aircraft business” information systems that allowed intruders to gain access to some of its employees’ personal information.

Though the company did not elaborate on the… Continue reading Airbus Suffers Data Breach, Some Employees’ Data Exposed

10 Cybersecurity Conference Trips You Should Make Time for This Year

Not sure where to distribute IT budgets for ideal returns? Here’s a roundup of the top 10 cybersecurity conference trips to make time for this year.

The post 10 Cybersecurity Conference Trips You Should Make Time for This Year appeared first on Security Intelligence.

Continue reading 10 Cybersecurity Conference Trips You Should Make Time for This Year