NEWS & UPDATES

A “hacktivist” is a person (or group) who hack into systems for political reasons or with a “socially-motivated” interest. In terms of the latter, the idea for some is to raise awareness of weaknesses so they can be plugged.

Last year for example, the Hungarian Human Rights Foundation (HHRF) website was accessed by a “hacktivist”. The cyberhacker said that they were able to access 20,000 accounts including personal information; but it was not an act borne from malicious intent…
Read More

It seems our anti-virus cybersecurity protection software may apparently be putting us at risk. This juxtaposition is reportedly shared by the British Government who will avoid using the Russian-made Kaspersky anti-virus software over national security concerns.

The software works by accessing a lot of information; scanning it all for malicious coding. It’s this access to large amounts of information that is apparently worrying the British government.
Read More

The U.S. Supreme Court is to hear a second significant case on digital privacy. Although digital data privacy is something that is fast becoming a common issue of debate, there remains a struggle to distinguish what the boundaries are when it comes to owning it or using it.

In this case, the dispute is between technology-giant Microsoft and the U.S. federal government. In 2013, U.S. prosecutors in a drug trafficking investigation obtained a warrant to search a suspect’s emails. It took the warrant to Microsoft demanding access to emails, and they put up a fight to stop access to them.
Read More

Cybersecurity consultancy firm Accenture reportedly held an incredible amount of sensitive customer data on four cloud servers that were not password-protected. There were some 137GB of data on Amazon’s cloud bucket that included decryption keys, and without a password, the account was essentially available for access by the public.

The unsecured servers were discovered by a security research firm, UpGuard, in mid-September. They found:

• Secret Application Programming Interfaces
• Authentication credentials
• Certificates
• Decryption keys
• Customer information

Read More

The U.S. National Football League has reportedly seen a huge data leak where 1,113 players had their personal information posted online.

The website for the NFL Players Association also included contact information for the players and their agents in the reach. Exposed information apparently included:

• Email addresses and mobile telephone numbers
• Home addresses of agents
• IP addresses for users when signing in
• Logged information for the website was accessed
• Advisor fee percentages

Read More

It’s a potentially deadly combination: healthcare data and mobile apps.  In fact, one of the world’s largest diagnostics service providers had its security wall breached as a result of a mobile app exposing medical data. So, it has happened.

Reportedly, around 34,000 customers had personal and medical information accessed during the breach. The information included customers’ names, dates of birth, health records and some telephone numbers.

Thankfully, the breach did not include any financial details like bank account numbers, sort codes and NI numbers. But it raises serious doubts over whether the healthcare industry is really secure enough to combine with the mobile app industry. Is it just too risky?
Read More

The Information Commissioner’s Office (ICO) has fined Easyleads Limited £260,000.00 after they reportedly made 16,730,340 automated marketing calls without obtaining proper consent from the recipients.

In total, 551 complaints were made to the ICO.

Easyleads were found to have violated the Data Protection Act and the Private Electronic Communications Regulation (PECR) for the illegal calls, and the fine was imposed as a result of their actions.
Read More

Cab Guru Limited has been found liable for breaking data protection and electronic communication rules by sending out hundreds of thousands of unwanted text messages to market their services.

The company was set-up by a number of licensed taxis and private hire firms to make an app for customers to book cabs through their smartphones… the app allowed people to compare fares and how long taxis would take to pick them up.

Ti help market the new venture, the Cambridge-based company sent text messages that advertised their app to hundreds of thousands of people. While the stunt may have worked for some, hundreds took to complaining and reporting the unsolicited marketing messages.
Read More

“Are you getting the best rates for home energy saving solutions and products?!”

How many calls do you get with over enthusiastic salespeople asking you if you want to switch your energy provider, bring a PPI claim or even talk about a car accident you didn’t even know you’d been involved in?

After the first few calls you start to realise just how annoying they are, and then the questions begin: “How did they get my number? Why are they calling me? Where are they coming from?”

There are all sorts of ways they can get hold of your details, and there’s a very big market for the sale of information for marketing purposes. It can often be a dark web of information being passed around time and time again, and when companies fail to check whether they can call people, the ICO will end up involved.
Read More

Your Money Rights Limited was found guilty of breaching data protection principles by reportedly making a record 146 million nuisance calls pushing people to make PPI claims.

Based in Carmarthenshire, the company statistically made enough calls to contact every woman, man and child in the U.K. twice over.

Anyone reading this has probably experienced at least half a dozen in the past year. Recipients were less than amused by the numerous calls and complained to the Information Commissioner’s Office over the unsolicited calls, saying the recorded messages made them feel “harassed and threatened”.
Read More

Newkirk Products Inc, a company who provides ID cards for health insurance plans, revealed a data breach took place last year that allowed unauthorised access to a server that contained member information.

The server that was hacked reportedly contained the data for an estimated 3.3 million members.

Now, this is the kind of breach that can be very dangerous several years after the event. With cybercriminals known to hold on to information for future use, any victim of a data breach needs to be wary.
Read More

Google has been locking horns with the U.S federal government once again over the storage of data abroad.

It’s believed Google lost their third dispute in court over the matter, and lengthy legal battles remain at large.

The disputes arose when Google challenged the validity of a search warrant for looking through company data that was stored abroad. This asks the question about who has jurisdiction for information held overseas, and therefore which laws apply to the stored data.
Read More