Privacy | SC Media Privacy

Privacy

Analysis of popular apps finds rampant sharing of personal data

An analysis of 10 highly popular Android apps found what researchers are calling the “out of control” sharing of potentially sensitive information with third parties, in some cases in likely violation of Europe’s GDPR privacy regulations. The findings, which were published in a report issued by the Norwegian Consumer Council (NCC), prompted a coalition of…

Cybersecurity takes the stage

No longer just the concern of IT, cybersecurity is the bad boy headliner that dominates centerstage and all stages beyond.  Teri Robinson reports.  At the recent Lonestar Blues and Heritage Festival in, where else, Texas, fans bounced between the main stage where headliners strutted their stuff and the porch stage where more modest acts plucked their guitars – and…

2019 Tech advances

Giant leaps, small steps It’s an unfortunate fact that no security firm came up with a silver bullet to protect endpoints, the cloud, networks, IoT and mobile devices from cyberattack, but that doesn’t mean there were no technological advances made.SC Media reached out to several industry insiders to see which 2019 advances they thought deserved…

Consumer data privacy regulation at the federal level: An opportunity for MSPs?

After Jerry Brown signed the California Consumer Privacy Act (CCPA) paperwork in June 2018, shock waves reverberated throughout Silicon Valley. Lobbyists at the Information Technology Industry Council, a Google-backed think tank, quickly went to work drafting proposals for a federal law that would supersede the stringent California bill. Twelve states subsequently followed California’s lead and…

2020 Predictions: Privacy

Dimitri Sirota, co-founder and CEO, BigIDSiri, Are You Listening? Overcollection of consumer data has been an issue for quite some time, but the introduction of smart home devices like Amazon’s Alexa and Google’s Nest have exponentially accelerated consumer data collection, much of which is superfluous and lacking in value. Large and small organizations alike are…

Unsecured storage bucket exposes applications for birth certificate copies

A leaky Amazon Web Services storage bucket has exposed more than 752,000 applications requesting copies of birth certificates. A report yesterday by TechCrunch said the unsecured data set dates back to late 2017, but was just recently discovered by U.K.-based penetration testing company Fidus Information Security. The data is managed by a company that helps…

talkingonaphone

Sprint contractor reportedly stored non-Sprint customers’ phone bills on open server

Hundreds of thousands of cell phone bills and other documents belonging to AT&T, Verizon and T-Mobile customers were reportedly exposed after a Sprint contractor left them sitting on an open public server. The documents had been collected and stored in the first place as part a marketing effort to persuade subscribers of rival carrier services…

Unsecured server exposes 4 billion records, 1.2 billion people

Two security researchers have uncovered four billion records on 1.2 billion people on an unsecured Elasticsearch server impacting what is estimated to be hundreds of millions of people. The data itself comes from the data aggregator and enrichment companies People Data Labs (PDL) and OxyData.Io and contains basic personal information, such as names, home and…

Leaky Gekko Group database exposes info on hotel brands, travelers

European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. The majority of the exposed data was collected by Gekko brands Teldar Travel, which provides a booking system…

github_1439470

Report: GitHub repository exposes WeWork customer contracts

Data belonging to clients of shared workspace company WeWork was reportedly left exposed and accessible to the public via GitHub, while a web portal separately leaked information on prospective customers. Mossab Hussein, security researcher from Dubian-based spiderSilk, discovered the data mismanagement and reported it to Vice/Motherboard, which published a report on the findings today. The…

Next post in Security News