#Privacy: TfL enforces mandatory password reset for its Oyster and contactless accounts

Transport for London (TfL) has locked all Oyster and contactless accounts following a data breach incident which took place earlier this year. In August, a credential stuffing attack resulted in threat actors targeting 1,200 Oyster card account holders and taking control of them for a brief moment. Subsequently, TfL locked all Oyster and contactless accounts […]

#Privacy: Mixcloud breach exposes millions of users

The personal data of tens of millions of Mixcloud users have been put on sale on the dark web.  In a statement, the British streaming service, Mixcloud announced that it has received reports about hackers gaining unauthorised access to some of its systems.  “Our understanding at this time is that the incident involves email addresses,  […]

#Privacy: New malware campaign found targeting hotel guest data

At least 20 hotels have fallen victim to a new malware campaign impacting hotel guest data in 12 countries.  The malware campaign, named RevengeHotels, has been targeting hotels, hostels, hospitality and tourism companies since 2015.  Researchers at Kaspersky, have noted that the campaign has since expanded, targeting more than 20 hotels in Brazil, Argentina, Bolivia, […]

#Privacy: Smartwatch exposes kids location and personal data

Researchers have warned that a children’s smartwatch has been leaking users’ personal and GPS data, exposing them to multiple threats. Created by the Chinese manufacturer, Shenzhen Smart Care Technology (SMA) Ltd., the SMA M2 smartwatch helps parents track their kids’ location, make phone calls, send messages and even send them notifications when their child leaves […]

#Privacy: Adobe announces Magento Marketplace data breach

Adobe has disclosed a data breach incident that exposed the account information of Magento Marketplace users.  According to Adobe, an unauthorised third-party had exploited an undisclosed vulnerability within the marketplace website. This ultimately allowed them to gain unauthorised access to a database containing information on the marketplace’s registered users.  The exposed information included names, email […]

#Privacy: Church’s Chicken investigates possible data breach

Church’s chicken, an American restaurant chain has launched an investigation into a possible data breach involving credit and debit card information. The company stated that it had detected unauthorised activity in the IT systems used to process payments at some of its 165 restaurants in the US. “Although our investigation is ongoing, what we currently […]

#Privacy: T-Mobile discloses security breach impacting its prepaid customers

In a data breach notification, T-Mobile disclosed that the account information of a number of its prepaid customers were accessed by an unauthorised party. The company’s cybersecurity team discovered and shut down unauthorised access to information relating to customer’s T-Mobile prepaid wireless account. The exposed information included customer names, billing addresses, phone numbers, account numbers, […]

#Privacy: Only 12.5% of US retailers protect customers from fraudulent emails

A new report by Red Sift, has found that just 12.5% of America’s top 100 retailers prevent fraudulent emails being sent to their customers.  The cloud-based email security company looked into the DMARC (Domain-based Message Authentication, Reporting & Conformance) status of retailers features in STORES Magazine’s Top 100 Retailers for 2019, along with their subsidiaries.  […]

#Privacy: Finance and Insurance firms invest the most on cyber security in 2018-19

Specops Software analysed the latest findings from Gov.uk to see how serious businesses are about cyber security.  Specops Software found that finance and insurance firms invested the most on cyber security, with £22,050 – an increase of 23% from the previous year, where both sectors spent an average of £17,900.  Firms in health/social care/ social […]