Tagged: privacy Toggle Comment Threads | Keyboard Shortcuts

  • Geebo 9:00 am on January 29, 2020 Permalink | Reply
    Tags: , , LabCorp, privacy, , Wawa   

    Recent data breaches can affect your money, health, and privacy! 

    Recent data breaches can affect your money, health, and privacy!

    If you’ve ever been to the East Coast especially the Pennsylvania and South Jersey areas you may be familiar with the convenience store chain Wawa. They recently had a data breach that could have exposed up to 30 million payment cards of its customers. Reportedly, hackers had installed malware into the payment processors at multiple stores at both the register area and their gas pumps. Some of the payment card information has even ended up on the web for sale to malicious actors. If you used a debit or credit card at a Wawa store in the past couple of months you’ll want to keep an eye on your account for unauthorized purchases.

    LabCorp is one of the nation’s largest medical testing companies. They recently had a flaw in their website that allowed 10,000 patient records to be exposed. This information included dates of birth, Social Security numbers, and lab results among other medical data. This is the second breach for LabCorp in the past year as their payment system was exposed back in June which resulted in the compromise of close to 8 million payment records. This latest breach could result in heavy fines for LabCorp under the Health Insurance Portability and Accountability Act (HIPAA). LabCorp has said that they will be notifying patients who had their data exposed.

    Lastly, it seems we can’t talk about data breaches without talking about Ring. While Ring’s most recent incident may not be a data breach per se, it does show how your information can be put at risk. The internet privacy advocates at the Electronic Frontier Foundation (EFF) claim they have discovered that the Android version of the Ring camera app sends user information to several third-parties. One of those third-parties is said to be Facebook and it doesn’t matter if you have a Facebook account or not. Some of the information sent to these third-parties include users’ full names, email addresses, and app settings including the number of locations they have Ring devices installed in.

     
  • Geebo 9:00 am on January 9, 2020 Permalink | Reply
    Tags: , privacy, , ,   

    Was Ring caught looking at customer cameras? 

    Was Ring caught looking at customer cameras?

    Amazon-owned Ring Cameras did not have the best 2019. If customer camera feeds weren’t being hacked then user information was allegedly being exposed in a data breach. Unfortunately for Ring, it doesn’t look like their 2020 is shaping up to be any better. In previous gaffes made by Ring, there was a kernel of truth in their claim that some of these privacy invasions could have been prevented by better user security. For example, by enabling two-factor authentication and not using the same password on all online accounts. But what happens when the security company is the one invading your privacy.

    Motherboard is reporting that Ring had to fire a number of employees who were caught accessing customer data that was not part of their jobs. In short, they were looking at customer video that they should not have been. While it can be expected for a company to monitor some of the user data for quality control purposes, it’s alleged that this was not the reason that certain employees were viewing customer videos. Considering that many Ring customers use the cameras inside their homes this can be especially off-putting knowing that Ring employees may be watching you at home.

    Depending on how this story gets picked up by the media, this could be a devastating blow to Ring’s reputation. How are consumers supposed to trust a company to help keep us safe when their employees are violating the privacy of the consumers? Granted, the number of people who were said to be doing this at Ring was low and they’ve all been relieved from their positions. But still, this seems to be yet another black eye for the security company that used to be the darling of families everywhere.

     
  • Geebo 8:00 am on October 15, 2019 Permalink | Reply
    Tags: , , privacy, , , ,   

    SIM Swapping can cost you thousands if you’re not careful 

    SIM Swapping can cost you thousands if you're not careful

    Freelance British food writer Jack Monroe recently made news when she found out that someone stole the phone number to her smartphone. They were then able to transfer the number to another phone where they had access to some of her financial information and were able to steal £5,000 from her personal account. That amount equates to close to $6,300 in the U.S. This is a trick known as SIM_Swapping or SIM-Jacking named after the SIM cards in most smartphones that contain your calling information including your phone number. Unfortunately, there’s not a lot you can do to protect yourself against the attack.

    SIM Swapping works when the victim is targeted by someone with knowledge of how the attack works. First, they get your name, address, and date of birth, then they contact your cell phone carrier to try and convince them that they are you. If the attacker is successful, he can get the carrier to switch your number to their phone. The attacker can then receive all your calls, texts, emails and the like. That way they can receive the two-factor authentication texts that would allow them to access any of your sensitive online accounts including banking.

    While most victims of SIM Swapping don’t notice the attack until it’s too late, there are some steps you can take to try to protect yourself although nothing is a guarantee of preventing such an attack. You can instruct your cell phone carrier to require a PIN number if anyone calls to try and have any portion of your service changed. As with most PINs, don’t make it something obvious that an attacker can guess like your birthdate. You can also sign up for a Google Voice number which is much more secure and tougher to attack than a traditional cell phone number but work just like a traditional phone number and they are also free to get.

     
  • Geebo 8:00 am on October 4, 2019 Permalink | Reply
    Tags: , , privacy, religion   

    Are religious apps taking advantage of the faithful? 

    Are religious apps taking advantage of the faithful?

    Even some of the oldest religions in the world have taken advantage of the digital revolution. Now, instead of carrying their religious texts with them everywhere many religious practitioners now use digital apps instead. With these apps, passages of inspiration and guidance are just at the tip of their fingers. There are legitimate apps dedicated to whatever religion you may choose to practice. However, that doesn’t mean that every religious app should be trusted as some try to be all-knowing but not in a good way.

    CNET recently did an expose on a number of religious apps in the Google Play Store. It was discovered that religious apps potentially contain more malware than gambling apps. Some of these apps request privacy permissions from users that go above and beyond what any app should be asking for with at least one app sharing personal information with Facebook. These privacy-invading apps do not discriminate as they can be found in apps dedicated to most major religions.

    People who practice a religion tend to trust other practitioners of that faith a little more than others. However, there have always been those looking to take advantage of that kindness and faith. While such faith in our fellow man is to be commended there is no shame in being somewhat cynical when it comes to those looking to make a buck or two off of your devotion. While many of these apps purport to make you stronger in your faith, the devil is truly in the details.

     
  • Geebo 8:00 am on September 6, 2019 Permalink | Reply
    Tags: , eavesdropping, privacy, ,   

    Is your phone really eavesdropping on you? 

    Is your phone really eavesdropping on you?

    Has this ever happened to you? You’re just innocently talking with your friends or family about something you normally don’t talk about. Then you see an ad on your phone for the very thing you were talking about. There’s plenty of anecdotal evidence out there to suggest that companies like Facebook and Google are eavesdropping on your private conversations so they can serve you more targeted ads. It’s compounded by the fact that companies like Apple, Microsoft, and Amazon have admitted that human contractors listen in on conversations heard by digital assistants. However, at least one study says that the eavesdropping phone is largely a myth.

    A mobile security company called Wandera has said that they’ve conducted research which they say shows that tech companies are not listening to your conversations. They placed an iPhone and an Android phone in a chamber where pet food advertisements continuously played. Both phones were running Facebook, Instagram, Chrome, SnapChat, YouTube, and Amazon in the background. However, the researchers did not witness any related ads on the devices in question. The researchers also say that the data used by both devices indicate that conversations are not being sent to the major tech companies. That’s not to say that tech companies aren’t tracking us in other ways.

    Other things like location data and browsing histories are said to be more effective in serving us targeted ads. Also, if you use a loyalty card at any store, advertising companies buy that information from the store and can match it with your social media accounts. Supposedly, there are sett9ngs on your phone where you can limit such targeting, however, we’ve either not been able to find these settings or they’re buried so deep in the app’s settings that it makes it difficult to escape targeting.

     
  • Geebo 8:00 am on July 18, 2019 Permalink | Reply
    Tags: #FaceAppChallenge, FaceApp, privacy,   

    Is the #FaceAppChallenge invading your privacy? 

    Is the #FaceAppChallenge invading your privacy?

    The Jonas Brothers aged using FaceApp

    Every few months or so, a photo app takes social media by storm. In the past, there was the craze where you could post gender-swapped photos of yourself. Snapchat previously had a filter that made you look like a baby. Now, the most recent trend is people posting pictures of themselves that have been artificially aged through an app called FaceApp. It seemed like everyone was having a good time with the app before it was reported that FaceApp may be committing a major breach of privacy. However, is it really that bad?

    According to reports, FaceApp is developed by a company in Saint Petersburg, Russia. This has led some to speculate whether or not FaceApp is a tool of the Russian government. FaceApp is also said to have an atrocious privacy policy. If you agree to their terms, FaceApp will have access to all the photos on your phone that have faces and could not only potentially be used in advertising but could be sold to third-parties. FaceApp claims that they are honoring all requests to have photos removed from their service and supposedly none of the data is actually sent to Russia.

    However, these kinds of privacy policies aren’t unique to FaceApp. Many apps that are based in the US have equally bad terms of service when it comes to your privacy. Even the most mundane apps such as weather or fitness apps sell your information to advertisers so they can show you ads tailored to your interests. So more than likely if you’ve taken place in the FaceApp Challenge you’re not being spied on by the Russian government. However, if you start seeing ads that are eerily specific to you, you’ll know why.

     
  • Geebo 8:00 am on June 20, 2019 Permalink | Reply
    Tags: Firefox, Google Calendar, Nest Cameras, privacy,   

    Tech Security news to protect your privacy! 

    Tech Security news to protect your privacy!

    Today we have a handful of stories that could potentially affect your privacy and we start off with Google Calendar. You may not realize that you even use Google Calendar but if you use Gmail to make any kind of appointments, the odds are you’ll receive a reminder from your Google Calendar. Now, reports are being circulated the Google Calendars are being used for phishing attacks. Reports say that you’ll receive a Google Calendar notification that says things like that you’ve received a cash reward or asking you to take a survey. Attached will be a link the phishers will want you to click on to try to glean your personal or financial information. Mental Floss has some tips on how to block these annoying invitations in Calendar, but as always you should never click on strange links from correspondents that you don’t know.

    If you’ve recently purchased a used Nest cam for your home you may want to know that in some instances the previous owners could still access the cameras. While that does sound scary it does not apply to all previously owned Nest cameras. The cameras must have previously been connected to a Wink branded home hub then the previous owners could still access the cameras through the Wink app. If you own a Nest camera and you feel it could be potentially compromised you may want to consider purchasing a new set of cameras as so far there has yet to be a fix for the issue. According to The Wirecutter, even a factory reset won’t help.

    Lastly, if you use the Firefox web browser you’ll want to perform an update as soon as possible. Mozilla, the company behind Firefox, recently issued a statement asking users to update their browsers after an exploit was found that could compromise user security. Mozilla didn’t go into detail about what the exploit was except to say that there have been documented accounts of attacks against the exploit. It’s relatively easy to perform an update on Firefox. All you need to is click on the open menu icon on the upper right of the browser. Scroll down the menu to the help option, click on help, then click on About Firefox. Then a prompt should come up asking you to update Firefox. Click on the update button and Firefox will update and your browser will be more secure.

    Hopefully, these tips will keep your privacy and security a little more private and secure.

     
  • Geebo 8:00 am on June 4, 2019 Permalink | Reply
    Tags: , , , privacy, quest diagnostics   

    Giant medical lab bleeds patient information! 

    Medical lab bleeds patient information!

    If you’ve ever had a blood test at your doctor’s office that they had to send to a lab, chances are that they may have sent it to Quest Diagnostics. Quest is one of if not the largest medical testing corporation in the country. Due to the sheer amount of testing and processing that Quest does, they must have their logistics down to a T to be able to handle so many patients. However, recent events have shown that even a well-oiled machine is vulnerable to breakdown.

    Within the past few days, it’s been reported that Quest has had a patient data breach on a massive scale. According to reports, close to 12 million patients have had their personal data exposed due to a billing vendor giving unauthorized access to an unidentified person. This information is said to have included financial information such as credit card numbers, medical information, and personal information. Quest claims that the results of any testing have not been exposed but they have also notified law enforcement of the breach.

    Besides being a PR nightmare for Quest, this could end up being very costly for them as well. Under the Health Insurance Portability and Accountability Act or HIPAA as it’s better known as the government could levy hefty fines against both Quest and their billing vendor for compromising such information. So far the largest HIPAA violation fine has been $5.5 million levied against a hospital that allegedly exposed over 100,000 patients’ information. With Quest and its vendor reportedly exposing the information of 12 million patients we could sadly see a new record being set.

     
  • Geebo 8:00 am on May 24, 2019 Permalink | Reply
    Tags: , privacy,   

    Is public social media dying? 

    Is public social media dying?

    When social media first became a part of our culture back in the mid-2000s it seemed mostly fun and harmless. It became an easy way for us to either reconnect with old friends or stay in better contact with our family. While platforms like MySpace were not without its problems it was largely just for fun. But when MySpace became too ostentatious some social media users longed for a cleaner appearing network and that’s when Facebook started to become the juggernaut that it is today. However, on most current social networks, the climate has become toxic. Many social network users seem to have lost that filter that they would use in everyday life when talking to other people in their lives.

    It also doesn’t help that many of these platforms don’t do enough to discourage the bad behavior of its users. Just recently, Facebook deleted billions of fake and abusive accounts. A number which rivals its actual userbase. To make matters worse, Snapchat employees were recently accused of spying on users.

    Now, because of many of these factors, a number of social media users are turning to more private methods of keeping in touch. According to The Metro, more users are turning to niche networks like Nextdoor or starting private message groups within apps like Slack and Telegram.

    As long as there are brands, content creators or someone with a story to tell, there will always be a place for public social media. But as those platforms become more difficult to enjoy there may come a day where we branch off into our own little corners of the internet where the signal could be better separated from the noise.

     
  • Geebo 8:00 am on May 2, 2019 Permalink | Reply
    Tags: , , privacy   

    Data breach exposed most American families 

    Data breach exposed most American families

    This past week, a data breach was discovered that could have put the personal information of 80 million American families at risk. Internet security experts discovered an unprotected database that was hosted in the cloud included names, ages, and genders as well as income levels and marital status. What’s even more concerning is that it’s unknown who the database belongs to. It’s been theorized that it may belong to an insurance or mortgage company.

    Every person in the database is said to be over the age of 40 which could potentially put seniors at risk not only for identity theft but phishing scams as well. There’s no evidence to suggest that cybercriminals accessed the database. However, the information could have been publicly accessible for months. Experts believe that the information provided in the database could also be used to launch ransomware attacks against people listed in the database.

    The server that the database was stored on was a Microsoft cloud server but it’s up to the database’s owner to make sure the database is encrypted. Microsoft has contacted the owner of the database and it has since been removed from public access. With the number of data breaches becoming more frequent every day have we reached a point where we should just expect our data to become exposed?

     
c
Compose new post
j
Next post/Next comment
k
Previous post/Previous comment
r
Reply
e
Edit
o
Show/Hide comments
t
Go to top
l
Go to login
h
Show/Hide help
shift + esc
Cancel