Research by Coveware has identified that the average ransom paid out by victims has increased 13% in the last three month. In its Q3 Ransomware Marketplace report, the average ransom paid was $41,198, an increase of 13% as compared to Q2 of 2019, $36,295. However, the researchers noted that the rate of increase has “plateaued” […]
Privacy
#Privacy: Internal passwords belonging to Orvis leaked twice
A report has revealed that Orvis.com, an American retailer, leaked hundreds of internal passwords on Pastebin.com. According to Krebs On Security, the leaked credentials related to backend management, firewall administration, router settings and database servers. Krebs received a tip from Hold Security in late October about the data breach, stating that there was a large […]
#PrivSecNY: Cyber-security meets data privacy in fascinating opening day at PrivSec New York
A global audience of privacy and security professionals met at PrivSec New York at Columbia University for an insightful two days of keynote talks and panel debates. Thanks to the engaging presentations on a range of topics delivered in two separate theatres, attendees found themselves at the forefront of the global debate on data protection […]
#Privacy: Hosting provider SmarterASP.NET struck by ransomware attack
SmarterASP.NET, a US hosting provider has been hit by a ransomware attack, impacting its 440,000+ customers. Over the weekend, hackers had breached the SmarterASP.NET network and encrypted data on customer servers. Additionally, the attack also impacted the company’s website which went offline on Saturday. The files seem to have been encrypted by a ransomware that […]
#Privacy: Proceed with caution – the ICO opinion of facial recognition technology
By Michael Drury & Julian Hayes, partners at BCL Solicitors LLP Ahead of an upcoming appeal against the High Court ruling permitting police use of facial recognition technology (FRT), the Information Commissioner on 31 October published her first ever official opinion under the Data Protection Act. Coming from the UK’s respected data supervisor, the document, tackling […]
#Privacy: Regulator “advocating a more cautious approach” to facial recognition technology
The UK data regulator, the Information Commissioner’s Office is “not seeking to curtail its use completely,” Julian Hayes says, following the ICO’s official opinion on the Bridges case regarding the use of facial recognition technology (FRT). “A gradualist path is likely to achieve longer term “buy-in” from legislators and the wider public, ensuring the crime-fighting […]
#Privacy: Bed Bath & Beyond discloses data breach
The home goods retailer has announced that an unauthorised party acquired the login information of some of its customers. According to the Securities and Exchange Commission (SEC) filing, an unauthorised party obtained email and password information from an external source outside the company’s system. Less than 1% of Bed Bath & Beyond’s online customer accounts […]
#Privacy: Australia proposes facial recognition to gain access to adult sites
The Australian government has proposed using facial recognition to verify the ages of people wanting to visit adult sites. Currently, Australian law does not prohibit minors from visiting adults site, however this new proposal would require users to verify their age before watching the adult material. Under the proposal, which was launched by Australia’s Department […]
#Privacy: WhatsApp sues Israeli firm over alleged hack
A lawsuit has been launched against the Israeli surveillance company, NSO Group, over claims that it was behind cyber-attacks infecting users with malware. The NSO Group is being accused of being responsible for a series of sophisticated cyber-attacks which resulted in malware being sent to roughly 1,400 users from 20 different countries, between a two […]
#Privacy: Over 7m Adobe Creative Cloud users exposed to hackers
Nearly 7.5 million Adobe Creative Cloud user records were left exposed due to an exposed, non-password protected Elasticsearch database. Security researcher Bob Diachenko, who worked alongside Comparitech, estimates that the database was exposed for about a week. However, it remains unknown as to whether anyone else gained unauthorised access to the database. The exposed information […]