Articles about Privacy

O2 customer data has been found available for sale on the dark web, most likely as a result of a hack that occurred several years ago.

The gaming website XSplit was hacked three years ago and those responsible for the hack were able to obtain usernames and passwords from the site. Through the process of credential stuffing, in which account credentials acquired through a hack are tested on multiple websites, the hackers were able to gain access and log into O2 accounts.

Continue reading →

Data risk reduction specialist Identity Finder has rebranded itself as Spirion and has released the results of long-term sensitive data audits at three of its largest enterprise sites.

During the audits, the company discovered that if left unchecked, every legitimate piece of sensitive data will create up to 1,000 unnecessary copies.

Continue reading →

Researchers at security firm Bastille warn that many wireless keyboards can be very easily intercepted so hackers can see exactly what is being typed. With a very simple dongle called Keysniffer, it is possible to snoop on usernames, passwords and anything else that is being typed from up to 250 feet away.

In all, Bastille found that eight manufacturers produce keyboards -- meaning there are millions in use -- which use unencrypted radio communication to transmit easily captured clear text. The problem affects non-Bluetooth devices from the likes of Anker, Hewlett-Packard, Kensington and Toshiba.

Continue reading →

The rocky road to finding a replacement to the Safe Harbour data transfer agreement appears to have become a little smoother. The successor to the EU-US arrangement is Privacy Shield, and European regulators have said it will be permitted to run to at least a year without intervention.

Having been deemed unsuitable because of the level of access it gave the US to European data, Safe Harbor's replacement has been a long time coming. The head nod from regulators will be widely welcomed by the tech industry, as well as those disturbed by NSA surveillance revelations.

Continue reading →

Rightly or wrongly, telemetry in Windows 10 has been roundly and soundly criticized. But while the feature may be a privacy concern for some, Microsoft says that it is using the data gathered to provide advice to would-be Windows 10 users about driver and application readiness.

This is something that is aimed at enterprise users for whom Microsoft recognizes that certain apps are mission-critical for businesses. This is why the company has launched Upgrade Analytics to "provide customers with insights which allow them to [...] mitigate potential problems".

Continue reading →

Helping out with a drug trafficking case, Yahoo was able to recover emails that had previously been deleted. Now a judge wants to know how this was possible.

Yahoo's only policies state that email cannot be recovered once they have been deleted, and defense lawyers for Russell Knaggs -- who planned to move cocaine from South America -- want to know how the company was able to produce deleted email in this case.

Continue reading →

Pokémon Go has proved almost unbelievably popular, and like any app that gains a huge following, malicious versions of the app soon appeared. The game has been in the headlines after hackers knocked gaming servers offline, but there have also been major privacy concerns.

Now there could be a nightmare brewing for developer Niantic Labs in Germany, where consumer advocates say the game violates the country's consumer and privacy laws. Federation of German Consumer Organizations (VZBV) says the company needs to make sweeping changes to a raft of clauses in the app's terms of use in order to avoid further action.

Continue reading →

Much like Google, streaming music service Spotify is increasingly turning its attention to advertising. Announcing what it refers to as "programmatic buying", the company reveals that it is launching a targeted advertising program.

Advertisers -- or "buyers" in Spotify's nomenclature -- will be granted access to not only demographic data about users, but also access to information about playlists.

Continue reading →

Another day, another Brexit story. It’s going to be years before we stop hearing the various implications and results of the recently held UK referendum on leaving the European Union.

This time, it’s about private data and its sharing to third-parties, by private companies, without users’ consent.

Continue reading →

Yesterday France's National Data Protection Commission (CNIL) slapped a formal order on Microsoft to comply with data protection laws after it found Windows 10 was collecting "excessive data" about users. The company has been given three months to meet the demands or it will face fines.

Microsoft has now responded, saying it is happy to work with the CNIL to work towards an acceptable solution. Interestingly, while not denying the allegations set against it, the company does nothing to defend the amount of data collected by Windows 10, and also fails to address the privacy concerns it raises.

Continue reading →

After accusations that Windows 10 collects too much data about users, France's National Data Protection Commission (CNIL) has order Microsoft to comply with the French Data Protection Act within three months. The company has been ordered to "stop collecting excessive data and tracking browsing by users without their consent".

In addition to this, the chair of CNIL has notified Microsoft that it needs to take "satisfactory measures to ensure the security and confidentiality of user data". The notice comes after numerous complaints about Windows 10, and a series of investigations by French authorities which revealed a number of failings on Microsoft's part.

Continue reading →

Transparency reports from the big tech companies always make for interesting reading, and the latest update from Google is no different. Its most recent transparency report covers the period July-August 2015, and shows that the company received a record number of government data requests.

The report shows the number of times governments around the world contacted Google with requests for access to user data. For anyone with an interest in either privacy or security, the marked increase in the number of requests is interesting.

Continue reading →

Key components of Opera Software are to be taken over by a Chinese business consortium. A planned $1.24 billion takeover of the entire operation fell through after failing to gain regulatory approval, but a new deal has been struck in its place.

Instead, the consortium -- comprising Qihoo 360 Technology Co, Beijing Kunlun Tech Co and others -- will take over just a portion of Opera Software's consumer business for $600 million. With the desktop and mobile version of the Opera web browser now falling into Chinese hands, there will no doubt be concerns about potential privacy issues based on China's history.

Continue reading →

In the world of web browsers, there are four or five big names to choose from but no end of smaller alternatives. One such browser is Maxthon, and security researchers have just discovered that this Chinese-produced browser is transmitting a wealth of data about users back to China.

Researchers at Fidelis Cybersecurity and Exatel found that Maxthon frequently sends zip files to Beijing over HTTP and this contains a terrifying amount of data about users' browsing habits. The ueipdata.zip file incudes, among other things, details of the sites visited by users, the applications they have installed, and what searches have been performed.

Continue reading →

Details of privileged accounts represent a major prize for hackers because they unlock the access required to exploit virtually any part of an organization's network and data. Yet according to a new report many companies are failing to adequately protect them.

The study by privileged account management (PAM) specialist Thycotic and research firm Cybersecurity Ventures benchmarked the PAM performance of more than 550 organizations and found that 52 percent received a failing grade.

Continue reading →