Articles about Privacy

It’s been over a month since CCPA was implemented and businesses are struggling to comply. Smart organizations, however, know that compliance doesn’t have to be a sunk cost; in fact, it can be used as a competitive differentiator. Instead of playing catch up with global, national, and state data privacy regulations, businesses should consider implementing broad policies and protections for consumer information that will prepare the organization for any future legislation.

For all the criticisms of GDPR -- and there are many -- the EU legislation set an important precedent for data privacy laws internationally. Businesses that are already GDPR-compliant are in a good position to satisfy requirements from new national and state data privacy laws.

Continue reading →

Scams involving social media and online dating sites are on the increase. So it's not surprising that recent research shows a majority of people are now worried about identity theft and account hijacking.

But what happens when your identity gets stolen? And what can you do to protect yourself from this kind of scam?

Continue reading →

The UK's financial watchdog, the Financial Conduct Authority (FCA), has revealed details of a data breach that took place last year.

The FCA says that personal details of people who had made complaints against the watchdog were exposed following the online publication of a response to a Freedom of Information Act request. Among the exposed information are the names and numbers of those who had lodged complaints.

Continue reading →

Firefox users in the US will soon have DNS-over-HTTPS (DoH) enabled by default. Mozilla is in the process of rolling out the privacy- and security-focused feature after an intensive period of testing.

DoH is an option for anyone outside of the US, but it will have to be manually enabled. Once enabled, DNS lookups are routed through Cloudflare or NextDNS using an encrypted HTTPS connection, hiding it from third parties such as your ISP.

Continue reading →

Last week, Samsung customers around the world were confused by the appearance of a mysterious push notification which simply read "1". The company revealed that the Find My Mobile notifications had been sent out by mistake as part of a test, but there was something even more worrying.

In addition to the random notification, some users reported that they were able to access personal data of other users, including names, addresses and partial payment card details. Samsung has now admitted to the data breach and says it will be contacting those affected.

Continue reading →

If you feel you should be able to benefit financially from sharing information with Facebook, there's some good news: the company is willing to pay you for your voice recordings.

The scheme is part of the social network's Pronunciations program, and it sees Facebook trying to improve its speech recognition capabilities. But if you're hoping to get rich, you might be a little disappointed.

Continue reading →

Today's employees have access to a vast range of apps on their personal devices, but this can serve to undermine enterprise security because it's hard for IT teams to understand or control where sensitive corporate IP is going and how it's getting there.

The threat research team at Wandera has discovered a number of document management apps from Cometdocs that fail to use encryption when transferring files between the user and the backend service.

Continue reading →

The personal details of 10.6 million people have been posted in a hacking forum after MGM Resorts hotels suffered a data breach. The data includes dates of birth, email addresses, names, phone numbers and physical addresses, and celebrities such as Justin Bieber and Twitter's Jack Dorsey are among those affected.

While the data has only just been leaked, it stems from a security breach that took place last year. Data dating back to 2017 was found accessible on an unsecured cloud server.

Continue reading →

Google has confirmed that it plans to move data pertaining to its UK users out of Europe, and will instead store user accounts in the US.

The move comes as a result of the UK's departure from the European Union, and it is a side effect of Brexit that few would have predicted. Reuters reports that Google will be placing UK user accounts under US jurisdiction, adding that it "will leave the sensitive personal information of tens of millions with less protection and within easier reach of British law enforcement".

Continue reading →

Following a series of privacy-related controversies, smart doorbell maker Ring is making two-factor authentication (2FA) mandatory on all of its devices. In addition, the company is also giving users more control over personalized advertising.

Ring also says that it is temporarily pausing the use of most third-party analytics services in its apps and on its website. The company is working on giving users the ability to limit the sharing of data with third parties.

Continue reading →

Fifteen years ago, if you wanted to join Facebook (then The FaceBook), you needed a valid college email address and the site did not offer much more than study group meetups or a place to chat and share pictures with high school friends. Today, Facebook is a juggernaut with roughly 2.5 billion monthly active users -- and as one of the world’s largest ad platforms, the amount of data it has on its users is staggering. But in 2018, the Cambridge Analytica breach profoundly shook users’ confidence in the social network -- and the entire tech industry as well. Since the scandal, there have been Congressional hearings, lawsuits, antitrust concerns and even the complete demise of  Cambridge Analytica. But the questions did not end there -- consumers began to question how all big tech used their data. Why does Google track people’s location even if they have turned tracking off? Is Alexa recording my private conversations?  

Thanks to the fallout from the Cambridge Analytica scandal, and the endless stream of data sharing scandals since, consumers are more aware of their online privacy and are beginning to question how companies are monetizing their data. Let’s look at how the rise of social media created this data economy, the tech industries  attempt to regulate itself and how the U.S. government is woefully unprepared to address modern privacy challenges.  How do we progress in a world where every detail of our days are tracked?

Continue reading →

The total number of records exposed by data breaches increased by 284 percent last year compared to 2018, with over 15.1 billion records exposed in total.

This is one of the findings of the 2019 Year End Data Breach QuickView Report from Risk Based Security although the total number of 2019 breaches disclosed so far (7,098) is up only one percent.

Continue reading →

Despite recent legislation placing greater emphasis on privacy and data protection, a new study of data sanitization policies reveals that in many cases there’s a gap between policy and execution.

The study of more than 1,800 senior business leaders by Blancco Technology Group reveals that although 96 percent have a sanitization policy in place, 31 percent have yet to communicate it across the business and 20 percent don't believe their organization's policies are finished being defined.

Continue reading →

According to a new study, 36.5 percent of all organizations have experienced a malware incident on a mobile device in the past year, which represents a 142 percent increase from 2018.

Research from mobile security specialist Wandera finds 57 percent of organizations have experienced a mobile phishing incident, with 60 percent of mobile phishing attacks occurring over HTTPS.

Continue reading →

Facebook has announced a raft of changes to its Messenger Kids service, giving parents more control and oversight over what their children are able to do.

Parents are now about to see 30 days' worth of chat logs as well as details of the types of conversation they are having with different contacts. Other new features include the ability to see images that have been shared, and also to remotely log their child out of chat sessions using the Parent Dashboard.

Continue reading →