Tag Archives: data breach

Brazil faces unique cybersecurity challenges

Futurecom is Brazil’s major conference and exhibition for the mobile industry to come together and look at the specific requirements that this unique country and culture need.

I was fortunate enough to be asked to be on a panel of industry experts, which included companies such as Telefonica, TIM, Telebras, Deloitte, IBM, KPMG and of course AVG. The discussion was promised to be about cybersecurity with the following questions asked by the moderator through the 1.5 hours to get the discussion going.

  1. How does the advancement of mobile applications and the use of new devices (and any connected “thing”) make even greater challenges for cybersecurity?
  2. What are the most critical aspects which users need to worry about?
  3. How can suppliers, operators and providers contribute to increase the level of protection in these environments?
  4. What are the main trends in cybersecurity compared to mobile and the internet of things which just tend to grow?

Each participant gave a viewpoint, and what interested me was how the entire conversation, regardless of the question, seemed to revolve around two topics: data breaches and consumer privacy. This dominated the answers, yet if the same questions had been asked 3 years ago this would have been about malware and protecting devices, but now the conversation is about us, the consumer.

Brazil has some unique challenges in this area as there is no legislation requiring companies to disclose any data breach, and therefore the consumer never knows if their data has been compromised. The consensus of the panel was that governments need to legislate. While I agree with the need for ‘some’ legislation there is also an opportunity for industry to self-regulate and show a responsible path. Self-regulation in any industry allows companies involved to find innovative ways to provide solutions and allows new business practices that may not have been permitted by the strictness of specific legislation.

The fact that data breaches and consumer privacy topped the agenda is not surprising. If we look at the trend of security stories in the US and Europe you’ll notice that the news coverage is all around these topics and the many data breaches that have taken place.

We, whether knowingly or not, disclose and share more information with companies than any generation has ever done before us: our preferences for food, where we shop, our location — the list of data is endless. It is only when this data falls into the wrong hands that we take time to think about the consequences of having shared it, and then maybe regret it a little. As consumers we need greater choice and control on what is being collected about us and ultimately how it may be used.

It’s not surprising that in one of the world’s major populations, in which a large number of people moved straight to mobile, skipping the PC generation, mobile applications are used in slightly different ways to the rest of the world. I recommend watching to see how Brazil handles the challenges of data breaches and consumer privacy, whether legislated or self-regulated.

TalkTalk data breach

Over the last few days, more details pertaining to the recent news that TalkTalk has suffered a data breach have been made public, but there are still many questions about exactly what was taken. In many data breach cases, details are limited by the need for the company and law enforcement agencies to ascertain the extent of the breach and to collect evidence.

With the news that a suspect has been arrested in connection to the cyber attack, I am sure more details will start to become available over the coming days.

So far, it appears the data exposed – some of which may have been encrypted – could include: names, addresses, DoBs, email addresses, phone numbers, TalkTalk account information, bank details and partial credit card details. But what could this mean practically?

Take account information, for example – is a user’s Active Choice information held within their account settings? If so, I wonder how many people would be embarrassed by people discovering they have disabled porn filters on their broadband. With this sort of personal information, could we be looking at ‘Ashley Madison 2.0’?

Looking at recent data breaches, spear phishing is a frequent method of entry – targeting individuals within a company or organization to reveal details allowing hackers access to internal systems.

This means implications for both companies and consumers. Organizations should limit employee access to sensitive information in order to limit the risk of falling victim to attacks like this. Employee education – ensuring workers are aware of the dangers – is also paramount.

My advice to consumers:

  • Ensure other online accounts aren’t using the same email and password combination as stored with TalkTalk. If so, change them.
  • Be wary of spammers sending emails that look like they’re coming from TalkTalk. Scrutinize these emails carefully and, if in doubt, contact TalkTalk directly to ensure it’s an official communication.
  • If you are concerned that credit card details have been breached, then call your card company and have the card suspended or stopped.

10 key facts you need to know about cyber insurance

The regular occurrence of data breaches is pushing organizations to think more seriously about updating their risk management policies. With that in mind, we look at the top ten things you need to know about cyber insurance, which is fast becoming a business necessity.

The post 10 key facts you need to know about cyber insurance appeared first on We Live Security.