Brazil’s Federation of Industries of the State of São Paulo (FIESP) is being accused of exposing millions of personal data records from three of its databases online. FIESP represents about 130 thousand companies and is the largest class entity in the Brazilian industrial sector. The records leaked included names, ID and social security numbers, as well as full addresses, emails and telephone numbers.
Bob Diachenko, a security researcher at white hat hacker ecosystem Hacken Proof, claims to have discovered three databases containing personal records that could be accessed through the Elasticsearch search engine on November 12. The largest data source had 34.8 million entries.
Read more about the massive Brazilian data leak on ZDNet.
Cybercriminals target financial data more than anything else. Scammers and fraudsters have moved from making a fast buck to crafting more ambitious, targeted attacks that produce long-term profits, according to an extensive analysis of real-world cybercrime attacks.
Read more about the new report by ThreatMetrix which reveals that cybercriminals have graduated to leveraging entire sets of leaked identity data from large breaches on Security Boulevard.
Digital security specialist, Gemalto, has released the findings of its 2016 Data Breaches and Customer Loyalty report, revealing that consumers put responsibility for protecting their personal data firmly at the hands of the businesses holding their data – and not themselves.
Read about the new report by Gemalto titled 2016 Data Breaches and Customer Loyalty which reveals that consumers totally hold companies responsible for protecting their personal data on Electronic News.
Read Evan Gillon explain how a security breach puts tech employees personal data at risk on Technique :
Tech’s network was infiltrated by malicious software known as ransomware, which gained access to the university’s system through a Tech employee’s work computer on Dec. 12, 2016. The employee conducted research on a trusted website that had been compromised and allowed the ransomware “access to a variety of files, some of which included sensitive, personal information of current and past Georgia Tech employees,” reported Tech’s HR Department.
Read Jocelyn Baird’s article about how the data breach of Adult Friend Finder could pose a blackmail risk for leaked users on Next Advisor :
Few people find themselves excited about a data breach, but the information entrusted to certain types of websites certainly carries more potential to cause serious damage than others. When the database of a website is privy to some of the darker secrets its users would rather not share with most of the world, such as an adult-oriented website, is hacked, the risks go beyond identity theft and financial woes.
It begins innocently enough. You provide a copy of your medical insurance card to a healthcare provider along with a photo ID. They make copies. You fill out forms that may ask for more personally identifiable information (PII) including your Social Security number (SSN).
Read about how medical identity theft is the biggest worry for health care sector on ID Watchdog Blog.
Read Eitan Bremler explain why medical information is gold for cyber criminals on IT Pro Portal :
The popularity of personal health information (PHI) is increasing among hackers, and its value continues to escalate on the black market. Medical information is especially enticing for hackers because it includes personal details such as height and eye colour that can be used to create fake identities.
Read why Kara Gansmann says that companies should only collect personal information that is necessary on Wilmington Biz Insights :
In returning to our cybersecurity series, the second of five keys to a sound cybersecurity plan considers collecting only the personal data that is necessary to your business’s needs. Recall that personal data generally includes a person’s name in combination with other identifying information.
Most American Internet users grasp this Silicon Valley truism: “If you’re not paying, you’re the product.” We gain “free” services and conveniences by yielding our personal information, which in turn is sold or traded to all sorts of interested parties. Those parties exploit this information to determine what products to pitch us, on what terms. Consumers may find the results attractive, especially if they don’t know what they’re being denied based on their data.
Read why consumers in United States need a new legal right to control personal information on LA Times.