Collaborate Disseminate
I was just wondering what the downsides of the following approach would be:
The email address I store is hashed (with a pepper that is db wide). This should (in my theory) better protect users in case of a data breach compared to storing t… Continue reading Hashed email addresses in database and plain text emails in JWT
The data broker Socure gave me my consumer report.
It contained a number of unlabeled .json files with unlabeled records. I’m looking at one called "1.json."
Each record contains a field called "rowIdSource"; the value… Continue reading In a Socure consumer data file, what do the substrings "_LFM_" and "_CHM_" signify in the field "rowIdSource"? [closed]
Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested.
Read more in my article on th… Continue reading Rydox cybercrime marketplace seixed by law enforcement, suspected admins arrested
Our system produces preview images of A4 documents, which contain sensitive data (email, phone numbers, social networks and adresses) of our users. We would like to save those preview images in our cloud, to later present them to the corre… Continue reading Extraction of sensitive data out of down- scaled images
We are currently implementing an envelope encryption scheme in order to securely store PII data in our database. That means we will have a user- specific DEK (data encryption key), and a KEK, which will get derived from the user’s password… Continue reading Envelope Encryption: KEK management in Auto- Login case
Avis Car Rental is notifying roughly 300,000 individuals that their personal information was stolen in an August 2024 data breach.
The post 300,000 Impacted by Data Breach at Car Rental Firm Avis appeared first on SecurityWeek.
Continue reading 300,000 Impacted by Data Breach at Car Rental Firm Avis
I have a table in Postgres that stores phone numbers. Since phone
numbers are considered PII, I cannot store them as plaintext.
For other PII fields, I use AES-256-CBC. However, the requirements are that phone numbers are
part of a unique… Continue reading Searchable encryption for phone numbers
A coming White House Executive Order seeks to protect personal information by preventing the mass transfer of Americans’ sensitive data to countries of concern.
The post White House to Issue Executive Order on Personal Information Protection appeared f… Continue reading White House to Issue Executive Order on Personal Information Protection
I am on the very last functionality to implement before launching my app. I have the same requirements someone like Fanduel or Draftkings does. When my users cross the $600 threshold for prizes in the year, I need to store their ss number … Continue reading Help me securely store and retrieve Social Security numbers [closed]
I have been using my personal Gmail Account for years to create accounts on a wide range of websites like evite.com and Instagram.
Google conducted a dark web scan and created a report of instances where my personally identifiable informat… Continue reading My personal info was leaked on the dark web through my Gmail Account; is it still safe to continue using said Gmail Account?