Security News
A lawsuit alleging that ex-UKIP leader Richard Braine took part in blackmail and data breaches has been all but thrown out of the High Court as a judge said it was "Without any proper and sound evidential foundation". Amid rival political factions struggling for control of the right-wing party - which launched Nigel Farage's political career before the televisually omnipresent Brexiteer split off to form his own movement - Braine was accused of illicitly accessing party figures' email accounts and the party membership database.
Companies with inadequate data privacy practices are 80 percent more likely to suffer a data breach than those with the highest-ranked privacy practices and will face fines seven times larger than companies with the best scores in the event of a data breach. Privacy issues Companies with the lowest privacy scores lost 600% more records than high-scoring companies.
There's a direct correlation between a company's poor privacy practices and the likelihood of a data breach, according to a report from the data privacy platform Osano, The Osano Data Privacy and Data Breach Link. Businesses with poor privacy practices are 80% more apt to experience a data breach.
Auctions platform LiveAuctioneers has revealed a data breach that likely impacted approximately 3.4 million of its users. "As of July 11th, 2020, our cybersecurity team has confirmed that an unauthorized third party accessed certain user data through a security breach at a LiveAuctioneers data processing partner that occurred on June 19, 2020," the online marketplace notes.
Bleeping Computer is in touch with the data breach broker: a "Known and reputable" broker who's selling databases, all of which contain different data types but all of which include usernames and hashed passwords. Home Chef, a meal delivery service, confirmed a data breach two weeks after a hacker group named Shiny Hunters listed a database of 8 million customer records on a dark web marketplace.
In many or most recent data breaches where authentication data gets stolen, the crooks don't end up with your actual password along with your login name. Passwords usually are - or certainly should be! - stored in a hashed form, where the hash can be used to verify that a supplied password is correct, but can't be wrangled backwards to reveal what the password was.
The San Francisco Employees' Retirement System this week disclosed a data breach that impacted over 70,000 of its members. According to the vendor, while it has no evidence that any data pertaining to SFERS members was removed from the server, it cannot confirm that the perpetrators did not access or copy the data.
Nearly 80% of the companies had experienced at least one cloud data breach in the past 18 months, and 43% reported 10 or more breaches, a new Ermetic survey reveals. "Even though most of the companies surveyed are already using IAM, data loss prevention, data classification and privileged account management products, more than half claimed these were not adequate for protecting cloud environments," said Shai Morag, CEO of Ermetic.
Joomla, one of the most popular Open-source content management systems, last week announced a new data breach impacting 2,700 users who have an account with its resources directory website, i.e., resources. The company said the incident came to light during an internal website audit that revealed that a member of the Joomla Resources Directory team stored a full unencrypted backup of the JRD website on an Amazon Web Services S3 bucket owned by the third-party company.
Joomla, one of the most popular Open-source content management systems, last week announced a new data breach impacting 2,700 users who have an account with its resources directory website, i.e., resources. The company said the incident came to light during an internal website audit that revealed that a member of the Joomla Resources Directory team stored a full unencrypted backup of the JRD website on an Amazon Web Services S3 bucket owned by the third-party company.