Tag: data breach

U.S. Customs Data Breach Is Latest 3rd-Party Risk, Privacy Disaster

A data breach of information belonging to the U.S. Customs and Border Patrol (CBP) that leaked photos of people and vehicles traveling over the United States border once again shows the risk associated with third-party access to sensitive or classified information. The breach–the result of a cyber attack on a third-party contractor who collected the images for the CBP–also raises issues of privacy and how much control and access should the government have over personally identifiable information, security experts said. News of the data leak broke widely on Monday, but CBP said said it actually occurred earlier. In an e-mail to Security Ledger, the agency said that on May 31, a subcontractor–revealed in reports to be Perceptics–transferred copies of license plate images and traveler images collected by CBP to the its company network without government knowledge or permission. Perceptics was soon after hit with a “malicious cyber-attack” that resulted in […]

Report: Companies Still Grappling with IoT Security

Data breaches relating to unsecured Internet of Things devices have jumped by more than 10 percent since 2017, suggesting security efforts aren’t keeping pace with the growth of the Internet of Things, a new study finds.

Unsecured Database Exposes Data of 80M U.S. Households

Researchers have found an unsecured Microsoft-hosted cloud database that holds personal information from 80 million U.S. households, exposing sensitive data and putting people at risk for identity theft, ransomware and other cybercrimes.

Podcast Episode 141: Massive Data Breaches Just Keep Happening. We Talk about Why.

Countless Congressional hearings, 48 state data privacy laws and GDPR and mega breaches like the discovery of data on 500 million Facebook users just keep happening. Why? In this episode of the podcast, Paul is joined by experts from the firm BitSight and BigID to discuss why we can’t seem to stop the breaches.

Russian Cyber Criminal Named as Source of Massive Collection 1 Data Dump

A Russian cyber criminal going by the name of “C0rpz” is believed to be the source of a massive trove of over one billion online credentials known as “Collection 1,” the firm Recorded Future reports.