Data Breaches


Only after running out of hard disk space did firm realise hacker had stolen one million users' details

Yet another company has been found lacking when it comes to securing its consumers’ data. Utah-based InfoTrax Systems provides back-end services to multi-level marketing companies (MLMs) such as dōTERRA, ZanGo, and LifeVantage, providing website portals where individuals can register as a distributor, sign-up new distributors, and place orders for themselves and end consumers.


Apple in 2018, now Tesla-who's next in the line of internal data leaks?

Recent allegations of an ex-Tesla employee syncing the Autopilot source code to his personal iCloud account is yet another classic case of how poor data security is, even in some of the most technologically advanced organizations. The Tesla leak isn’t even the first time that a data breach of such immense magnitude pertaining to self-driving technologies has occurred; in July 2018, an Apple employee was caught using AirDrop to transfer 40GB of confidential data to a personal PC.


Escaping the Egregious Eleven - Part One

Helping to define and examine the top perceived cloud security threats of the day, the ‘Egregious Eleven’ is the most recent iteration in an evolving set of summary reports published by the Cloud Security Alliance (CSA). It follows on from the ‘Treacherous Twelve,’ which they defined for us in 2016, and the ‘Notorious Nine,’ which they presented in 2013.


Reported Security Breaches Skyrocket in Canada Following New Privacy Law

Security breaches reported to the Office of the Privacy Commissioner of Canada have skyrocketed since the country introduced its new privacy on November 1, 2018. A blog published by the Office of the Privacy Commissioner of Canada claims they have received 680 breach reports within the last year, six times the number they received during the same period just one year prior.


Data breach: how to prevent it

We are living in the era of the digital economy where companies are collecting and storing lots of valuable customer data on a daily basis. As it has turned out, data is an important input in the competitiveness, growth, and revenue generation for any company across industries. But every valuable resource has its vulnerabilities, and data is not left out in this unfortunate fact. A notable vulnerability of sensitive data that has left many IT departments scratching their heads is data breaching.


Was the largest breach in history a misconfiguration problem?

Earlier this week, I heard a fascinating interview with the former Chief Information Officer of Equifax, Graeme Payne. If you are unfamiliar with Graeme, he was the scapegoat for the Equifax breach; described in Congressional testimony as “the human error” that caused the breach. Graeme, however, is a true gentleman who is very gracious about his situation.


Italian Bank UniCredit Suffers Data Breach

Unicredit has reported a breach of its IT systems resulting in the leak of information belonging to over 3 million customers. The bank confirmed on Monday that a file created in 2015 containing three million records involving Italian clients is the source of the security incident. The victims' names, telephone numbers, email addresses, and cities where clients were registered are among the information compromised.


Senators Urge Investigation into AWS Following Capital One Breach

Two U.S. senators have demanded an investigation into Amazon Web Services to determine whether the cloud provider broke the law by failing to secure infrastructure that was compromised in the recent Capital One breach. Paige Thompson, a former AWS software engineer, has been accused of the attack on Capital One and 30 other organizations.


Inside the Capital One Breach, and How to Block It

The Capital One data breach has been big news and for good reason. The exposure of over 100 million personal data records is a big deal—especially when it’s a bank, and especially when it’s a bank like Capital One that has leaned into the cloud so heavily. It is too easy for the skeptics and naysayers to blame the cloud; which makes it even more critical to truly understand what happened.