Tag: data security

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs
News

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs

In June 2017, the National Bureau for Economic Research (NBER) released a survey involving over 3,000 students at Massachusetts Institute of Technology (MIT), which revealed that 98% of them would be prepared to exchange free pizza for the email addresses of their friends. The study found that although people claim to care about privacy, they are nevertheless quite eager to give up personal information when given a reason to do so—a phenomenon known as the privacy paradox. Currently, almost seven years later, Telegram has unveiled a new feature that offers some users a complimentary premium membership in return for letting the well-known messaging app use their phone numbers to pass along one-time passwords (OTPs) to other users who try to log in. Peer-to-Peer Login (P2PL) is a f...
FTC Slams Avast with $16.5 Million Fine for Selling Users Browsing Data
News

FTC Slams Avast with $16.5 Million Fine for Selling Users Browsing Data

The Federal Trade Commission (FTC) of the United States has fined antivirus company Avast $16.5 million for allegedly selling customers' browser information to marketers while falsely advertising that its products would prevent internet monitoring. Furthermore, the business is not permitted to sell or license any web browsing data for commercial use. Additionally, it must inform users whose browsing information was sold to unaffiliated third parties. Avast "unfairly collected consumers' browsing information through the company's browser extensions and antivirus software, stored it indefinitely, and sold it without adequate notice and consumer consent," according to the FTC's lawsuit against the company read more FTC Slams Avast with $16.5 Million Fine for Selling Users Browsing Data...
Fake LastPass password manager spotted on Apple’s App Store
News

Fake LastPass password manager spotted on Apple’s App Store

The LastPass app is alerting users about the presence of a phony version of its software on the Apple App Store, which is probably being used as a phishing app to steal login information. The phony app has an identical name to the real app, a comparable icon, and an interface with a red color scheme meant to resemble the real app's design. But rather than being called "LastPass," the phony program is called "LassPass," and "Parvati Patel" is listed as its publisher. Furthermore, there is just one rating (the genuine software has over 52,000), and there are only four reviews that flag it as fraudulent. Given that LastPass is intended to store extremely private data, including credentials (password, email address, and authentication secret), it seems likely that the program was des...
Canadian government discloses data breach after contractor hacks
News

Canadian government discloses data breach after contractor hacks

According to the Canadian government, sensitive data belonging to an unspecified number of government employees was exposed due to hacking into two of its contractors. The breaches that took place last month affected SIRVA Worldwide Relocation & Moving Services and Brookfield Global Relocation Services (BGRS), two companies that offer relocation services to Canadian government employees. Information belonging to a wide range of impacted individuals, including members of the Royal Canadian Mounted Police (RCMP), members of the Canadian Armed Forces, and employees of the Government of Canada, is kept on compromised BGRS and SIRVA Canada systems read more Canadian government discloses data breach after contractor hacks. Get up to date on the latest cybersecurity news and enhance...
Meta faced with daily $100K fine over privacy breaches
News

Meta faced with daily $100K fine over privacy breaches

If Meta doesn't take corrective action, it will be punished one million crowns ($100,000) each day for privacy violations, according to Norway's data protection regulator. Meta controls Facebook and Instagram. Unless Meta takes action, regulator Datatilsynet warned it would charge the fee every day from August 4 until November 3. The daily penalty might equal $10 million in total. It stated that Meta could not gather user information in Norway for the purpose of using it to target users with advertisements, such as users' physical whereabouts. This type of marketing is known as behavioural advertising, and Big Tech uses it frequently read more Meta faced with daily $100K fine over privacy breaches. Stay informed with the best cybersecurity news and raise your cybersecurity awaren...
Millions of patient data leaked in US health network hack
News

Millions of patient data leaked in US health network hack

Sensitive patient information was revealed during a recent cyber attack, according to HCA, a Nashville-based healthcare network with 180 hospitals and more than 2300 ambulatory clinics in both the UK and the US. The information is now being sold on the dark web. On July 10, HCA Healthcare reported the leak on its website, where it sees an estimated 37 million patients annually from both countries. According to the organisation, "HCA recently learned that a list of specific information with regard to some of its patients was made available by an unknown and unauthorised party on an online forum read more Millions of patient data leaked in US health network hack. Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of...
Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China
News

Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China

Due to the discovery of two file management apps on the Google Play Store as spyware, up to 1.5 million Android users' security and privacy are at risk. These applications act dishonestly and covertly transmit private user information to malicious servers in China. This ominous intrusion was discovered by Pradeo, a top mobile security firm. According to the research, the same organisation is responsible for both spyware applications, File Recovery and Data Recovery (com.spot.music.filedate), which has received over a million downloads, and File Manager (com.file.box.master.gkd) which has received over 500,000 downloads. These ostensibly innocent Android apps, which activate automatically when the device reboots without user input, employ similar harmful techniques read more Two Spy...
Swedish Data Protection Authority Warns Companies Against Google Analytics Use
News

Swedish Data Protection Authority Warns Companies Against Google Analytics Use

Following similar actions taken by Austria, France, and Italy last year, the Swedish data protection agency has advised businesses against using Google Analytics due to concerns associated with American government spying. The development follows an audit that the Swedish Authority for Privacy Protection (IMY) conducted on behalf of the four businesses CDON, Coop, Dagens Industri, and Tele2. "In its audits, IMY considers that the data transferred to the U.S. via Google's statistics tool is personal data because the data can be linked with other unique data that is transferred read more Swedish Data Protection Authority Warns Companies Against Google Analytics Use. Stay one step ahead of cyber threats with ReconBee.com. Explore our comprehensive coverage of recent cyber attacks, cy...
Data breach at Idaho Department of Health and Welfare
News

Data breach at Idaho Department of Health and Welfare

A data breach to their systems was reported on April 18 by the Idaho Department of Health and Welfare (DHW). A person who had access to a Medicaid healthcare provider's payment account may have revealed the names, member identification numbers, dates of services, and billing codes of 2,501 Medicaid recipients. According to DHW, there is currently no proof that any information has been used. However, anyone who might have been impacted should have received mail notification on June 9 and have been provided with free identity theft protection and a year of credit monitoring. Protecting the personal health and financial information for the people we serve and those we work with is critical," DHW Director Dave Jeppesen stated read more Data breach at Idaho Department of Health and Welfa...
Password Reset Hack Exposed in Honda E-Commerce Platform Dealers Data at Risk
News

Password Reset Hack Exposed in Honda E-Commerce Platform Dealers Data at Risk

Honda's e-commerce platform has security flaws that may have been used to get uncontrolled access to private dealer data. In a study released last week, security researcher Eaton Zveare said that "broken/missing access controls made it possible to access all data on the platform, even when logged in as a test account." The platform is made for firms selling lawn & garden, marine, and power equipment. The Japanese company's vehicle division is unaffected. In essence, the hack uses a password reset feature on one of Honda's websites, Power Equipment Tech Express (PETE), to reset any account's password and gain complete admin access read more Password Reset Hack Exposed in Honda E-Commerce Platform, Dealers Data at Risk. Stay one step ahead of cyber threats with ReconBee.com....