Data Privacy + Security Insider

Leveraging Knowledge to Manage Your Data Risks

The Commodity Futures Trading Commission’s LabCFTC recently released “A CFTC Primer on Smart Contracts” as part of LabCFTC’s effort to engage with innovators and market participants on a range of financial technology (FinTech) topics. The Primer offers a clear and concise explanation of “smart contracts” and their potential impact on the CFTC’s mission to foster open, transparent, competitive, and financially sound futures and derivatives markets.…
Darkreading.com has issued a survey entitled: Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web which states that malicious insiders are responsible for 27 percent of all cybercrime. This statistic confirms that cybercriminals are increasingly recruiting insiders by using the dark web as a recruiting tool. So not only do businesses have to worry about employees who make honest mistakes and cause security incidents, or disgruntled employees who steal company information, but…
This has been quite the year of O365 intrusions. The story seems to be almost identical in each security incident we investigate this year, and it goes like this: Employee receives a pop-up message from Microsoft advising employee that s/he must change his or her password for security purposes. Employee types his or her user name and password into the pop-up message and provides “Microsoft” with the new information. In fact, an intruder has penetrated…
Calling the Marriott data breach “one of the largest digital infestations in history,” a putative class action was filed in Oregon this week seeking up to $12.5 billion dollars in relief. It should come as no surprise that soon after Marriott announced its massive data breach affecting potentially 500 million customers in the Starwood reservations database, several putative class actions were filed around the country and at least one in Canada. Lawsuits were also…
The National Aeronautics and Space Administration’s (NASA) Langley Research Centers has taken on the challenge of using drones in GPS-deprived environments, so it gathered a group of students from the Massachusetts Institute of Technology (MIT) to help find a solution for that problem. Those MIT students came back to NASA with a plan for a fleet of drones that can autonomously fly through a thickly vegetated forest, communicate with one another and create a 3-D…
This week, the New York Police Department (NYPD) announced that it will be adding a fleet of crime-fighting drones to its ranks. The NYPD plans to roll out 14 drones as part of its technology “evolution.” Police Commissioner James O’Neill said, “As the largest municipal police department in the United States, the NYPD must always be willing to leverage the benefits of new and always-improving technology.” The hope is that these drones will enable the…
We previously commented on the risks around the United State Postal Service’s (USPS) “Informed Visibility” service, which allows customers to preview their mail to inform them when it will be delivered. Some security experts recommend that customers opt out of the program so an account cannot be opened in your name. Last week, it was reported that an anonymous researcher discovered security vulnerabilities in the Informed Visibility service, an API that allowed anyone with a…
With more companies hiring, online recruiting scams have re-emerged to prey on job seekers and employers. The Better Business Bureau tracked more than 3,000 recruiting scams in the first 10 months of 2018 with losses in the million dollars. The online recruiting scam works this way: the scammer fraudulently uses a company’s name and logo, and perhaps the names of the company’s employees handling recruiting or human resources, to solicit applications from job seekers for…
Marriott today announced a major data breach, perhaps one of the largest in history. This breach illustrates the often made point that breaches and intrusions happen and go unnoticed for months or years. Marriott’s breach involved an unauthorized party that copied and encrypted information in the Starwood reservations database back in 2014. When Marriott acquired Starwood in 2016, the breach went undetected as that merger went forward, only to be discovered in 2018. This breach…
Some analysts have predicted that by 2020, there will be 20 billion Internet of Things (IoT) connected devices worldwide, which could grow to over 80 billion by 2025. Sales of IoT devices were $80 billion in 2017, and are predicted to grow to $1.4 trillion by 2021. With the exponential growth of IoT devices, experts are concerned about the security of these devices, and companies and consumers are taking note. A new report from DigiCert,…