Formjacking accounts for 71% of all web breaches

According to F5 Labs, formjacking has become an extremely popular method of data stealing.  Formjacking is the process of injecting malicious code onto e-commerce websites with the purpose of stealing payment credentials.  In F5 Labs latest Application Report 2019, 760 breaches had been analysed, and it was found that during the first half of 2019, […]

#privacy: Air New Zealand experiences data breach 

Over 100,000 Air New Zealand Airpoints customers have been affected.  A phishing attack has exposed the personal information of approximately 112,000 Airpoints customers, with names, details and Airpoints numbers among data compromised. Air New Zealand notified the New Zealand’s Office of the Privacy Commissioner about the breach on July 31, however customers were only informed […]

#privacy: Alison Pepper to speak at PrivSec New York

Alison Pepper will address audiences at PrivSec conference, taking place November 5th and 6th at Columbia University, New York City. Alison Pepper currently serves as the Senior Vice President of Government Relations at the American Association of Advertising Agencies (4As) in Washington, D.C. In that role she works with regulators, legislators, and cross-industry stakeholders on […]

#privacy: DanaBot banking trojan is on the move

The banking trojan DanaBot has expanded its targets to Germany from Australia since June. Webroot explains that DanaBot “works to gather sensitive banking information from unsuspecting users for fraud and other criminal activity.” The malware had been first observed targeting Australia in its earlier campaigns, and it appeared that it only came from one threat […]

#privacy: Malware that can record computer screens discovered

A new malware has been discovered that is able to record the screen of an infected machine and identify a user who is viewing porn.  Researchers at IT security company ESET, first observed the malware dubbed “Varenyky” in May 2019. A month later, researchers saw the first malicious document infecting a victim’s computer which had […]

#privacy: Personal data of Visa applicants accidentally leaked 

The personal data of 317 people applying for Australian Visas were accidentally emailed to an incorrect address due to a “typo”.  In an investigation by ABC, it was uncovered that a spreadsheet had been sent accidentally to an unknown individual’s email address.  The breach happened in 2015 by a subcontractor of Bupa, Sonic HealthPlus (SHP). […]

#privacy: Public Transport Victoria in breach of privacy laws

In July 2019, Public Transport Victoria (PTV) released a dataset that exposed the travel history of more than 15 million myki cards. The dataset also leaked  1.8 billion travel records of myki public transport users between the period June 2015 and June 2018.  The dataset contained records of the touch on and touch off data, […]

#privacy: US says foreign power is responsible for cyber-attack on Czeck government

A security committee held at the US Senate this week has concluded that a foreign state is behind the latest cyber-attack to hit the Czech Foreign Ministry. No further details have yet emerged on the regime’s identity, nor on the specifics of the attack, Reuters reports. Originally, a Czech newspaper stated that the cyber-attack on […]

#privacy: US supermarket data breach may stop consumers using store facilities

Earlier this week, US supermarket chain, Hy-Vee announced that a data breach may be affecting payment processing systems at certain points of sale. Among facilities thought to be impacted by the breach are the supermarket’s fuel pumps and drive-through coffee shops. Market Grilles, Market Grill Express and Hy-Vee’s Wahlburgers are among restaurants that could be […]