San Francisco police’s private data leaked

August 24, 2011 under all posts

San Francisco police’s private data leakedHackers have launched another attack on a transport agency that cut off mobile phone services at San Francisco stations last week to prevent protests. BBC News reports that hacking group Anonymous announced on Twitter that the private data of 102 Bay Area Rapid Transit (BART) police officers had been leaked.

The protests began after two fatal police shootings, one in 2009 and one on July 3rd this year. Anonymous asked that the police force disband and threatened the release of the information it had gathered in retaliation if it didn’t.

The Federal Communications Commission will be starting an investigation as to whether BART violated freedom of speech rights protected by the US Constitution when it stopped mobile phone services for BART passengers.

See the full story on the BBC

Share
comments: 0 » tags: , , ,

Hacktivism creating ‘chaos and change’

August 24, 2011 under all posts

Hacktivism creating ‘chaos and change’ McAfee has cited the explosion of hacktivism, the evolution of mobile attacks and the continuing growth in unique malware samples as the top security trends of the past three months, according to a v3 report. The security space saw ‘chaos and change’, after groups such as Anonymous and LulzSec drew attention to hacktivism and raised important questions for enterprises and government organisations around the world.

See the full story on v3.com

Share
comments: 0 » tags: , , ,

Kids app developer forced to pay $50k

August 18, 2011 under all posts

Kids app developer forced to pay $50kIt’s no secret that privacy law hasn’t quite caught up with the times. But according to paidContent.org, there’s one area where privacy law is perfectly clear – when it involves kids. In a recent ruling in the US, developer Broken Thumbs Apps has been ordered to pay $50k for violating the Children’s Online Privacy Protection Act (COPPA).

Emily’s Girl World, Emily’s Dress Up, Emily’s Dress Up & Shop and Emily’s Runway High Fashion were the apps that violated COPPA by encouraging kids to email questions and comments to “Emily.” These email addresses were then stored as part of that process, with more than 30,000 email addresses recorded.

According to Broken Thumbs Apps, the users’ ages were not collected with the email addresses as there was no need for it nor were the addresses used for marketing or sold to any other companies for use. They were simply collected because it was the most straight-forward way for users to participate in the interactive community. The company has since removed any possibility of collecting or retaining email addresses for users under 13.

This was the first COPPA enforcement action involving mobile apps. However, as apps grow in numbers and popularity, especially amongst kids, we can expect to see more of this type of case with many developers unaware that they are violating any laws. And with general privacy law playing catch up, developers will be under close watch even if their apps aren’t for children.

See the full story on paidContent.org

Share
comments: 0 » tags: ,

Apple sued in Korea over iPhone location data

August 18, 2011 under all posts

Apple sued in Korea over iPhone location dataMore that 27,000 Korean iPhone owners are suing Apple over the location tracking function in the phone which they describe as a violation of privacy. Each member of the group is suing for one million won (£568) in damages. If forced to pay out, the lawsuit will cost Apple £15.8 million.

The dispute began when Apple revealed that its iPhones store the locations of nearby wi-fi hot spots and mobile phone towers for up to a year, which can be used to roughly map users’ movements. There was also a software bug which meant that iPhones continued to send location data to the company’s servers, even if location services on the iPhone itself were disabled.

Apple has taken steps to fix the problem. Users can download a free software update which will fix the bug and location data will now be stored on the phone for no longer than a week. Regardless of the ultimate ruling, Apple can absorb the costs whereas a little bug can mean the end for a smaller software developer.

See the full story on The Daily Mail

Share
comments: 0 » tags: , ,

Hacker group defaces Blackberry blog

August 15, 2011 under all posts

Hacker group defaces Blackberry blogTo many, BlackBerry is just doing its part in helping to capture some of the hundreds of vandals and looters who attacked shops across Britain last week by handing over information recorded on BlackBerry Messenger. To hacker group TeaMp0isoN, however, it’s a different story. The group recently defaced Blackberry’s blog in protest and threatened the release of sensitive information belonging to RIM (Blackberry’s developer), if the company made true on its government promise.

There seems to be little proof that TeaMp0isoN actually holds any of the sensitive data which it claims to. But the attack does serve as one more example that hackers aren’t necessarily in it for the money anymore, but are increasingly causing disruptions based on ideological grounds.

See the full story on The Register

Share
comments: 0 » tags: , , ,

Facebook facial recognition function under fire

August 15, 2011 under all posts

Facebook facial recognition function under fireFacebook’s new(ish) tool to help speed up the tedious process of “tagging” photos has recently come under attack by the Hamburg Data Protection Authority (DPA). The facial recognition software is said to be in violation of German and EU privacy laws as it harvests biometric data.

Facebook says that it has done enough to meet their obligations under European Union data protection law by allowing users to “opt-out” of the function, which is switched on by default.

Although few users have complained about the technology, a lot of the opposition seems to stem from Facebook’s not announcing the launch of the new function in Europe. The UK’s Information Commissioner said that users should be told about such changes so that they can make an informed decision as to whether they want to use the function or not. But unlike Hamburg’s DPA, the UK Information Commissioner’s Office will not be asking Facebook to pull the software.

See the full story on The Register

Share
comments: 0 » tags: , , , ,

Facebook to be next victim, declares Anonymous

August 15, 2011 under all posts

Facebook to be next victim, declares AnonymousIn a recent YouTube video, hacker group Anonymous announced that Facebook would be its next big victim. In the video, the group threatens an attack on November 5th, Guy Faulk’s Day in the UK, in order to bring down the large, allegedly privacy-breaching, social networking site.

Encouraging viewers to join the cause, Anonymous claims that personal information is no longer safe on the site and thus Facebook must be destroyed. According to the video, Facebook has been selling users’ personal information and storing deleted information for recovery at a later date.

Social media companies have a lot to contend with lately. Not only are they fighting to remain privacy and security compliant in a world full of differing country laws, but they also face a security risk from the outside as hacking groups plan to destroy or at least disrupt service.

See the full story on Geek.com
CFC’s Esurance 2.0 is designed specifically for social media companies. Click here to learn more.

Share
comments: 0 » tags: , , ,

China accused of massive international hacking operation

August 5, 2011 under all posts

China accused of massive international hacking operationChina has been accused of mounting a five-year hacking operation that stole industrial and national secrets on an unprecedented scale, after an investigation by a leading Internet group uncovered a huge international security breach, says a report in The Daily Telegraph. More than 70 organisations, including the UN, the International Olympic Committee (IOC) and defence contractors for both the UK and US were said to have been victims of the attack.

McAfee, the Internet security group, stopped short of naming China as responsible, but the report quotes independent security experts as saying the choice of targets, such as the Olympic Committee before the 2008 Olympic Games, suggested Beijing was the most likely culprit.

See the full story in The Telegraph
Read more on InsuranceJournal.com

Share
comments: 0 » tags: , , ,

E-commerce flaw linked to thefts

August 5, 2011 under all posts

E-commerce flaw linked to theftsMore details have emerged of an e-commerce software flaw linked to the theft of credit card information from numerous websites. The Register reports that a security flaw in osCommerce, an open source e-commerce package, created a means for criminals to compromise 90k web pages with redirection scripts that ultimately directed surfers towards a site serving up an exploit toolkit designed to compromise visitors’ PCs.

According to The Register, attacks of this kind have become fairly commonplace, with attackers now focussing efforts on e-commerce sites where users expect better security. Companies running osCommerce have been targetted by hackers before, so not only will the software developers need to look into these vulnerabilities, but companies using it will need to ensure they take extra security precautions.

See the full story on The Register
Companies can be sued for security breaches caused by the software they use. Learn more about how to insure against these risks by checking out our products.

Share
comments: 0 » tags: , ,