Cyber Privacy & Security News of the Week – Trusting others with our data
How much do we trust companies that store our personal information? And in case they are leaked, what are the risks and who takes the blame? There’s not much we can control when it comes to our personal data and to our right to access information freely in a world of car hackers, censorship, and data leakage. Here is a summary of the cyber privacy and security that made the news last week.
Data leakage – taking responsibility
- Companies are rarely held responsible for customer data getting stolen by hackers. However, in the United States it just got easier to sue companies over data breaches, after the 7 Circuit Court of Appeals reinstated a lawsuit against Neiman Marcus over a 2013 data breach. Back then, hackers stole credit card information from 350,000 customers, some of the data being used for fraud. The judges decided that the case can proceed stating that there is a substantial risk of harm to consumers.
- At the beginning of the week, Mozilla announced a Firefox exploit that affects Windows, Mac, and Linux user. The flaw allows attackers to search the victim’s files and upload them to a server located in Ukraine. Mozilla has issued a patch and has recommended users to update immediately.
- The UK government is conducting an investigation about a recent breach at British phone retailer Carphone Warehouse, which may have exposed as many as 2.4 million customers’ names, addresses, birthdates and bank information, along with up to 90,000 customers’ encrypted credit card data.
- Mobile banking use in Brazil, India, Indonesia, and the Philippines poses a great risk of data leakage for customers and hackers might even be able to manipulate transactions. According to a research conducted by the University of Florida “it is possible that these apps are already being exploited in the wild, leaving consumers with no recourse to dispute financial transactions”.
Censorship in China and Russia
- The content considered inappropriate and being censored is piling up in China. The Ministry of Culture in China banned 120 songs with “immoral” messages, including “No Money No Friend,” “Don’t Want To Go To School,” and “One Night Stand.” The government stated that websites that did not comply would be severely punished.
- Meanwhile, Russia threatens to block Reddit due to a thread on growing narcotics. This would be a new addition to a growing number of websites that are being blacklisted for criticizing the Russian government.
What’s your apps’ and gadgets’ privacy level?
- Facebook is facing privacy complaints daily. Data logging, user location, third party apps that get access to your information are just a few aspects that raise privacy questions. Here’s how to find and block all the companies tracking you on Facebook in just a few easy steps.
- The last few weeks have been full of Android privacy concerns. Last week, researchers announced they found a way to steal fingerprints from Android phones packing biometric sensors such as the Samsung Galaxy S5 and the HTC One Max. What does this mean for you? It means that attackers can have money transfers authenticated by throwing a fake lock screen prompting you to scan your fingerprints to unlock a device.
- Manufacturers and retailers are paying little heed to longer-term privacy and security as they pump intelligent consumer devices into the market, according to industry group the Online Trust Alliance.
With members including Microsoft, Symantec, ADT, AVG, Target, TRUSTe and Verisign, the alliance this week issued guidelines for IoT manufacturers, developers and retailers for use with connected devices. Read more about the privacy concerns related to Smart TVs and wearables on ZDnet.com.
- Twitter announced it would open up its entire archive of tweets to marketers via a new Full-Archive Search API. “This new product builds off of our existing 30-Day search solution and extends the available window of instant and complete Twitter access to a span of more than nine years… and counting”, says Twitter.
Hacking for all ages
- There is no legal age for hacking and anyone with a PC and a large dose of curiosity can master it. Welivesecurity.com published a list of 6 kids geniuses who are destined for a career in cybersecurity.
- A recent poll shows that most Americans don’t want to see Edward Snowden pardoned. 43% of them say they want Snowden to come back to the United States and face the consequences of his actions, supporting the federal government’s attempts to pursue a criminal case against him.
- In case you’ve missed the updates and zero day vulnerabilities from Black Hat 2015, here is a list of the biggest risks exposed during this year’s event.