Data Security

Employment fraud is currently the most prevalent scam targeting consumers, according to Better Business Bureau report. The scams primarily target job-seekers with promises of great job opportunities and high pay. One victim in Montana was approached by what appeared to be a courier service offering him more than $70,000 per year to purchase and ship consumer electronics. After receiving payment to...

A health company’s unprotected server exposed over six million health records in the last 12 months. Meditlab, an electronic medical record company, left a server for electronic faxes completely unprotected since bringing it online in March 2018. This meant that any information transmitted between medical offices, including records, doctor’s notes, prescriptions, and patient names, addresses, health insurance information and Social...

The U.S. Department of Homeland Security issued an emergency directive in January 2019 giving government agencies ten days to verify that they weren't compromised by DNS hijacking. A few days later, the Internet Corporation for Assigned Names and Numbers (ICANN), the organization responsible for governing large parts of the internet, issued a bleak warning urging businesses to do the same, and to enact stronger security...

The Federal Emergency Management Agency failed to properly protect the personal information of 2.3 million survivors of natural disasters. A partially redacted memo issued by the Office of the Inspector General of the Department of Homeland Security stated that FEMA released the personally identifiable information of 2.3 million survivors of hurricanes Harvey, Irma and Maria as well as the...

Florida police officer Leonel Marines resigned after a police investigation revealed the 12-year veteran of the Bradenton Police Department had been using police databases like a dating app to locate potential women for fun and maybe more. He'd been doing it for years. While it's surprising this 5-0 Romeo actually got some dates playing fast and loose with his access to driver's...

The email addresses and personal information of 982 million people were compromised in a leak from an unsecured database. The database belonged to Verifications.io, an “email validation service” that aggregates and sells information about the validity and personal data associated with email lists. Security researcher Bob Diachenko found the information in an unsecured 150GB-sized MongoDB database. “This is perhaps the biggest...

Multiple sales subsidiaries of Toyota Motor Corp. were breached in an apparent cyberattack that may have leaked the personal information of up to 3.1 million people in the Tokyo area. Toyota announced the possible breach as being the result of “unauthorized access” to a network server containing customer information in late March, but explained that they were unable to confirm...

Unless you live under a bottle cap rusting on the bottom of Loon Lake, you know that if you're concerned about privacy, Facebook CEO Mark Zuckerberg is the gift that keeps on taking. A week after it landed with a curious (and most likely spurious) thud, Zuckerberg's announcement about a new tack on consumer privacy still has the feel of an unexpected message...

Israeli cybersecurity researchers have created malware capable of showing fake cancerous growths on CT and MRI scans. The malware, called CT-GAN, served as a proof of concept to show the potential for hacking medical devices with fake medical news that was convincing enough to fool medical technicians. In a video demonstrating the exploit, researchers at Ben Gurion University described...

A security analysis of 30 major banking and financial apps has shown major security holes and a lax approach to protecting user data. The analysis was conducted by the Aite Group, which looked at mobile apps in eight categories: retail banking, credit cards, mobile payment, healthcare savings, retail finance, health insurance, auto insurance and cryptocurrency. Among the most alarming finding...