Data Security

One terabyte of data belonging to a major hotel booking platform was found leaked online. A huge trove of customer data belonging to Gekko Group was found online in an unsecured format. The data contained a wide array of records, including full names, credit card details, client login information, email addresses, home addresses and hotel reservations. The personally identifiable information...

Macy’s has informed customers of an e-skimming data breach following the discovery of Magecart malware on its website. In a letter to affected customers, the retailer said that it had detected malware on its e-commerce website on October 15 and that it had been active for a little over a week.  “The unauthorized code was highly specific and only allowed the...

Data belonging to more than 450,000 players of popular online games were exposed on an unprotected database accessible online. Wizards of the Coast, the company behind games such as Magic: The Gathering, MTG Arena, and Magic Online accidentally left a database unprotected on an online Amazon Web Services storage bucket. The first and last names, email addresses, and passwords of...

News that Virtual Private Network (VPN) provider NordVPN was breached spread quickly. While the breach of a major VPN service is newsworthy, this one wasn't particularly. A single server was compromised, one of many, and according to NordVPN only 50-200 customers were affected. But one of the watchwords of good cyber hygiene, a VPN, was breached. The incident put NordVPN in the hot...

Google is collecting the health record data of millions of U.S. citizens, raising serious concerns about patient privacy. According to a recent story published in The Wall Street Journal, Google has partnered with Ascension, the nation’s second largest health care system for Project Nightingale.  The partnership gives Google full, non-anonymized access to “lab results, doctor diagnoses and hospitalization records... and amounts...

On the latest episode of Third Certainty, Adam Levin explains the dangers of e-skimming, where malicious code is deployed to e-commerce sites to steal customer payment information.

The June data breach of Canadian financial institution Desjardins was wider in scope than initially reported and compromised the data of all 4.2 million of its individual members. The breach, initially detected in December 2018 and announced in July 2019, was originally estimated to have affected 2.7 customers and 173,000 businesses. Desjardins announced the revised figure based on information shared by the...

A leaked memo from the Office of the Chief Information Security Officer (OCISO) delivered alarming news about the state of cybersecurity at the White House. Acquired and published online by Axios, the memo was included in a resignation letter from Branch Chief of White House Computer Network Defense Dimitrios Vastakis. In the document, Vastakis details several concerns about staffing and...

Virtual Private Network provider NordVPN announced that it was the target of a successful hack last year. In a statement released on its blog, NordVPN informed users that one of its servers had been compromised in March 2018. The announcement confirmed rumors about the service that had previously been circulating on Twitter. The company placed the blame on a third-party...

In the seventh episode of Third Certainty, Adam Levin explains the dangers of exposed personally identifiable information and shares some tips about how consumers can protect themselves.