Despite a litany of high-profile data breaches, federal action on data privacy is unlikely to go anywhere in 2019 as partisanship and lack of technology literacy complicate Congressional action.
Podcast: Play in new window | Download (Duration: 34:11 — 39.1MB)Subscribe: Android | Email | Google Podcasts | RSSIn this week’s episode (#130): we speak with security researcher Troy Hunt, founder of HaveIBeenPwned.com about his latest disclosure: a trove of more than 700 million online account credentials he’s calling “Collection #1.” Also we speak to Martin Hagen of the Norwegian device firm Tailit about how failing a security audit of the company’s GPS watch sparked a security make-over at the company.
Amazon accidentally sent 1,700 private voice files to an unauthorized customer in Germany in response to a request for personal data. The data allowed a German magazine to identify and track down the person whose voice was recorded on the files, according to a published report.
Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when when drawing conclusions about high-profile cyber attacks.
The General Data Privacy Regulation (GDPR) seems to already be having a positive effect on the state of cybersecurity in Europe less than seven months after it was enacted, showing that policy indeed can have a direct effect on organizations’ security practices, security researchers said.