Facebook announced late last week that it had suffered the largest breach in its history with 50 million accounts were compromised, and another 40 million accounts affected. Yes, that equals 90 million accounts. If you use Facebook and were locked out of your account over the weekend, your account was most likely affected. The 50 … Continue Reading
California lawmakers have taken the lead in trying to address privacy and security issues with Internet of Things (IoT) devices (which we have been writing about for years), by passing the country’s first IoT security bill, which is now headed to Governor Brown’s desk for signature by September 30. One of the issues addressed by … Continue Reading
The recent tragedy with gas customers in Massachusetts has everyone focused on their utilities. Which makes it a perfect time for scam artists to take advantage of worried customers—both individuals and small businesses. One scam making headway is when a fraudster calls a customer over the telephone telling them that their water, electricity or gas … Continue Reading
As Hurricane Florence bears down on the Carolinas in the next few days, beware of scammers trying to take advantage of the good hearts of those of us who want to help the victims. We have seen it before, and no doubt it will happen again in the next few weeks as the devastation of … Continue Reading
An old trick is coming back and working. It is a wire fraud scheme targeted at homeowners instead of businesses, and it is happening at an alarming rate. Here’s how it works: An individual is in the process of purchasing a home. Most of the communication in real estate transactions these days is done via … Continue Reading
The Federal Trade Commission (FTC) regulates the Telemarketing Sales Rule (TSR), which requires marketing entities to eliminate from telemarketing campaigns telephone numbers that are listed on the Do-Not-Call Registry (the Registry). Although many of us have both our residential and cell phone numbers listed with the Registry, we still get many, many annoying and inconvenient … Continue Reading
I am speaking at a conference in one of my favorite cities (okay, it’s Chicago) and I was having dinner at the bar when the patron next to me asked me what I do for a living. I am a friendly sort of person and like to meet new people, so I told her what … Continue Reading
If you have bought a new cell phone recently, you have seen that the technology of the newest smart phones is far more advanced than in the past, and have features that most people don’t understand or use. When I conduct employee education for companies on data privacy and security, I devote a portion of … Continue Reading
Many readers questioned me about the Wall Street Journal article this week entitled, “Facebook to Banks: Give Us Your Data, We’ll Give you Our Users.” The questions and comments ranged from “Can they really do this?” to “This is outrageous!” Without getting into a legal analysis, there are laws that banks have to follow when … Continue Reading
The BBC recently posted a story about one of its employees who had access through a mobile app to someone else’s video footage of their home security camera. The security camera was manufactured by Swann. Following the story, a group of security researchers from Pen Test Partners decided to check it out and bought several … Continue Reading
We previously reported that LifeLock suffered a data breach and has been sued by the Federal Trade Commission for allegations of misleading customers [view related post], for which it settled with the FTC for $116 million [view related post] and then settled a suit alleging false statements to customers for $68 million [view related post]. … Continue Reading
Wearable technology and medical devices have vulnerabilities just like anything else that is digital. ICS-CERT recently issued an advisory about vulnerabilities in Medtronic’s MyCareLink patient heart monitors. These devices are implantable cardiac devices that transmit patients’ heart rhythms directly to a provider. The alert notes that vulnerabilities identified in the devices could be exploited by … Continue Reading
Timehop, an app that allows users to find and claim old photos and posts on social media, has reported a data breach of its cloud computing environment on July 4, 2018, which compromised 20.4 million accounts, 3.8 million of which are in the GDPR zone. According to an updated posting on its website yesterday, the … Continue Reading
Summer is finally here, and with summer comes vacations. Some of us are planners and plan vacations far in advance. Others look for last-minute finds that include “super savers.” If you are looking for a super saver, be aware that scammers are using different methods to commit fraud on unwary vacationers looking for vacation rentals. … Continue Reading
It used to be anecdotal that hackers can change the integrity of data in a bank account or steal your money if they get into the electronic system. I have heard many credible accounts of intrusions into systems where the intruders are able to change the integrity of the data—that means that if the balance … Continue Reading
I hang out with Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs). I support them because they have thankless jobs and have a mountain of responsibilities to protect an organization, most of the time without complete support from the organization. I try to help CISOs and CIOs get the budgeting they need to … Continue Reading
The Singapore summit was the focus of news stories this week. The media descended on Singapore to capture all of the news. When journalists started posting pictures of the contents of the gift bags that they were given at the summit by a company associated with the local government, cybersecurity experts from around the world … Continue Reading
If you have ever purchased tickets from Ticketfly, be aware that it took its homepage offline last week because it has experienced a “cyber incident.” It stated that “Following a series of recent issues with Ticketfly properties, we’ve determined that Ticketfly has been the target of a cyber incident…” A hacker, self-dubbed IsHaKdZ confirmed and … Continue Reading
Admittedly, parents of teens have unique worries about their children. So-called “helicopter parents” worry more than others. A perfect app for such parents is Teen Safe, which allows those worried parents to monitor their children’s location, text messages, call history, app downloads and browsing history. Yikes—the only monitor I ever had with my kids was … Continue Reading
I have been watching several articles published by ZDNet with interest. First, ZDNet reported that “four of the largest cell giants in the US are selling your real-time location data to a company that you’ve probably never heard about before.” That company is LocationSmart, which touts itself as a data aggregator that has “direct connections” … Continue Reading
Update on Removing Your Name from Offers of Credit or Insurance and Access to Disclosure Report from NCTUE Last week’s Privacy Tip touched a nerve with many readers, and I received numerous comments and thank you’s from loyal readers who, like me, also had no idea about NCTUE or that they could opt out of … Continue Reading
Just when I thought I had frozen all of my credit, and was doing everything I can to protect myself from identity theft and fraud, I find out today about another one from KrebsOnSecurity. I am pretty knowledgeable on the subject matter of credit freezes, and have been an advocate of placing a credit freeze on … Continue Reading
As a frequent traveler, both personally and professionally, this bit of research unnerved me. Of course, it makes sense when you think about it, and none of us should be surprised, but it is a good reminder for those of us who are on the road a lot. Security researchers at F-Secure in Finland report … Continue Reading
How low can these scammers go? Too low. The Federal Trade Commission (FTC) is alerting consumers this week that imposters are calling people, and saying they are from the September 11th Victim Compensation Fund (VCF), then telling them that they may be eligible for compensation from the fund. They have spoofed New York area codes … Continue Reading
