2019

article thumbnail

Target Sues Insurer Over 2013 Data Breach Costs

Data Breach Today

Lawsuit Claims Insurer Owes Retailer for Coverage of Card Replacement Costs Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach. Find out how much money the company is seeking.

Insurance 341
article thumbnail

It’s Way Too Easy to Get a.gov Domain Name

Krebs on Security

Many readers probably believe they can trust links and emails coming from U.S. federal government domain names, or else assume there are at least more stringent verification requirements involved in obtaining a.gov domain versus a commercial one ending in.com or.org. But a recent experience suggests this trust may be severely misplaced, and that it is relatively straightforward for anyone to obtain their very own.gov domain.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Enterprise Architecture Tools and the Changing Role of the Enterprise Architect

erwin

Enterprise architecture tools are becoming more important than ever. The International Enterprise Architecture Institute (IEAI) defines enterprise architecture (EA) as “the analysis and documentation of an enterprise in its current and future states from an integrated strategy, business and technology perspective.”. In the era of data-driven business, such perspective is critical.

article thumbnail

Brexit data firm broke Canadian privacy laws, watchdog finds

The Guardian Data Protection

AggregateIQ, hired by Vote Leave in 2016, failed to ensure authorisation to disclose UK voter information The Canadian data firm AggregateIQ (AIQ) broke privacy laws with some of the work it did for a leading pro-Brexit group in Britain and a number of US political campaigns, according to a watchdog’s official report. Canada’s federal privacy commissioner, Daniel Therrien, along with his counterpart in the province of British Columbia, said on Tuesday that AIQ had not taken measures to ensure it

Privacy 144
article thumbnail

Reimagined: Building Products with Generative AI

“Reimagined: Building Products with Generative AI” is an extensive guide for integrating generative AI into product strategy and careers featuring over 150 real-world examples, 30 case studies, and 20+ frameworks, and endorsed by over 20 leading AI and product executives, inventors, entrepreneurs, and researchers.

article thumbnail

Record Retention is a Key Component of Your Privacy and Cyber Compliance Program

Data Protection Report

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. Why should this be a high priority project? Increased regulation and enforcement action. In 2019, we saw regulators put a renewed focus on how long businesses retain personal information. The most significant action came in October, when the Berlin Commissioner for Data Protection and Freedom of Information issued a €14.5million fine against German real

Privacy 144

More Trending

article thumbnail

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

Until this month, I'd never heard of People Data Labs (PDL). I'd certainly heard of the sector they operate in - "Data Enrichment" - but I'd never heard of the company itself. I've become more familiar with this sector over recent years due to the frequency with which it's been suffering data breaches that have ultimately landed in my inbox. For example, there's Dun & Bradstreet's NetProspex which leaked 33M records in 2017 , Exactis who had 132M records breached last year and the Apollo dat

article thumbnail

Google warned 12K+ users targeted by state-sponsored hackers

Security Affairs

Google revealed that over 12,000 of its users were targeted by state-sponsored hackers in the third quarter of this year. Google’s Threat Analysis Group (TAG) revealed that it has detected and blocked attacks carried out by nation-state actors on 12,000 of its users in the third quarter of this year. Over 90 percent of the users identified by Google were targeted via “credential phishing emails” that attempt to trick victims into providing their password or other account credentials to hij

Phishing 137
article thumbnail

Home Safe: 20 Cybersecurity Tips for Your Remote Workers

Dark Reading

How can you protect your precious corporate endpoints from the mysterious dangers that might await when you're not by their side? Empower home office users with these tips.

article thumbnail

Major Hotel Group Leaks 1TB of Customer Data

Adam Levin

One terabyte of data belonging to a major hotel booking platform was found leaked online. A huge trove of customer data belonging to Gekko Group was found online in an unsecured format. The data contained a wide array of records, including full names, credit card details, client login information, email addresses, home addresses and hotel reservations.

B2B 118
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Welcome to the era of the industrial cloud

OpenText Information Management

The industrial Internet of Things (IIoT) is having a profound effect on how manufacturing organizations share information. The explosion in connected industrial equipment means that companies have to think about how they archive sensor-based information coming from these devices, how they securely move this sensor data from one location to another, and how they derive … The post Welcome to the era of the industrial cloud appeared first on OpenText Blogs.

Cloud 113
article thumbnail

Mixcloud Breach Affects 21 Million Accounts

Data Breach Today

Hashed Passwords Were Leaked; No Financial Data Exposed Digital streaming platform Mixcloud says it is the victim of a data breach after an attacker shared personal data for registered users with several media outlets, including Vice and ZDNet. The data, which concerns 21 million users, is for sale in an underground market.

Sales 331
article thumbnail

Hidden Cam Above Bluetooth Pump Skimmer

Krebs on Security

Tiny hidden spy cameras are a common sight at ATMs that have been tampered with by crooks who specialize in retrofitting the machines with card skimmers. But until this past week I’d never heard of hidden cameras being used at gas pumps in tandem with Bluetooth-based card skimming devices. Apparently, I’m not alone. “I believe this is the first time I’ve seen a camera on a gas pump with a Bluetooth card skimmer,” said Detective Matt Jogodka of the Las Vegas Police Departm

Sales 317
article thumbnail

Black Friday Shoppers Targeted By Scams and Fake Domains

Threatpost

Cybercriminals are tapping in on Black Friday and Cyber Monday shoppers with an array of scams and malware - including domain impersonation, social media giveaway scams, and a malicious Chrome extension.

Phishing 112
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

This Alleged Bitcoin Scam Looked a Lot Like a Pyramid Scheme

WIRED Threat Level

Five men face federal charges of bilking investors of $722 million by inviting them to buy shares in bitcoin mining pools. .

Mining 128
article thumbnail

5G Roadmap: Preparing Your Enterprise Architecture

erwin

Why planning your 5G roadmap requires significant input from enterprise architects. 5G is coming and bringing with it the promise to transform any industry. And while the focus has been on the benefits to consumers, the effects on the enterprise are far- reaching. Few examples of emerging technology have the potential to disrupt and downright revolutionize certain markets and processes than 5G.

IoT 111
article thumbnail

Do you have a data breach response plan?

IT Governance

This blog has been updated to reflect industry updates. Originally published 6 August 2018. The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection. This places a significant burden on organisations: taking the appropriate measures to comply with the law while simultaneously dealing with the collateral impact of a breach is not a picnic!

article thumbnail

Teach Your Kids to Code with Ari in Oslo and London

Troy Hunt

When I first started writing code a few decades ago, it was a rather bland affair involving a basic text editor and physical books for reference. I didn't have an opportunity to create anything usable by others until years later and perhaps most importantly in the context of this blog post, I didn't have anyone in my family able to teach me about coding.

IT 110
article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

Security Affairs

Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent. According to the company, the cause of behavior that violates their policies is a couple of “malicious” software development kits (SDKs) used by the third-party iOS and Android apps.

article thumbnail

Leaks of NSA, CIA Tools Have Leveled Nation-State Cybercriminal Capabilities

Dark Reading

The wide availability of tools leaked by the Shadow Brokers and WikiLeaks in 2016 and 2017 have given emerging cyber powers a way to catch up, DarkOwl says.

132
132
article thumbnail

Major breach found in biometrics system used by banks, UK police and defence firms

The Guardian Data Protection

Fingerprints, facial recognition and other personal information from Biostar 2 discovered on publicly accessible database The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan Police, defence contractors and banks.

Passwords 112
article thumbnail

How to Get and Set Up a Free Windows VM for Malware Analysis

Lenny Zeltser

If you’d like to start experimenting with malware analysis in your own lab, here’s how to download and set up a free Windows virtual machine: Step 1: Install Virtualization Software Step 2: Get a Windows Virtual Machine Step 3: Update the VM and Install Malware Analysis Tools Step 4: Isolate the Analysis VM and Disable Windows Defender AV Step 5: Analyze Some Malware.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Ransomware Attackers Leak Stolen Data

Data Breach Today

Maze Crew Reportedly Threatens to Release More of Allied Universal's Data Unless Ransom Paid Ransomware attacks have taken an unwelcome turn: The Maze gang reportedly has begun leaking a victim's files to create pressure to pay a ransom. Security experts say they're not surprised by this development, but note that given the different skills required, such tactics may not become widespread.

article thumbnail

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

Krebs on Security

On Nov. 23, one of the cybercrime underground’s largest bazaars for buying and selling stolen payment card data announced the immediate availability of some four million freshly-hacked debit and credit cards. KrebsOnSecurity has learned this latest batch of cards was siphoned from four different compromised restaurant chains that are most prevalent across the midwest and eastern United States.

Sales 314
article thumbnail

2020 Cybersecurity Trends to Watch

Threatpost

Mobile becomes a prime phishing attack vector, hackers will increasingly employ machine learning in attacks and cloud will increasingly be seen as fertile ground for compromise.

article thumbnail

The Weird, Dark History of 8chan and Its Founder Fredrick Brennan

WIRED Threat Level

Fredrick Brennan is appalled by the notorious chat site’s links to right-wing extremism and mass shootings. Inside his tortured journey through the web’s cesspool and his attempt at redemption.

IT 111
article thumbnail

Use Cases for Apache Cassandra®

There’s a good reason why Apache Cassandra® is quickly becoming the NoSQL database of choice for organizations of all stripes. In this white paper, discover the key use cases that make Cassandra® such a compelling open source software – and learn the important pitfalls to avoid. From understanding its distributed architecture to unlocking its incredible power for industries like healthcare, finance, retail and more, experience how Cassandra® can transform your entire data operations.

article thumbnail

The Design Thinking Process: Five Stages to Solving Business Problems

erwin

The design thinking process is a method of encouraging and improving creative problem-solving. The design thinking process is by no means new. John Edward Arnold, a professor of mechanical engineering and business administration, was one of the first to discuss the concept in as early as the 1950s. But the wave of digital and data-driven business has created new opportunities for the design thinking process to be applied.

Analytics 111
article thumbnail

List of data breaches and cyber attacks in June 2019 ­– 39.7 million records leaked

IT Governance

After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident. June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect. Is this the start of the long-awaited ‘GDPR bounce’?

article thumbnail

Eliminate the challenges of binding: Jamf Connect now integrates with Azure Active Directory

Jamf

Now with one username and password, organizations have the ability to provide users with a simple, unified authentication and account synchronization process — while still offering the best possible Apple experience. Read the full details.

Passwords 111