Search This Blog

Showing posts with label User Privacy. Show all posts

CEO of Koo App Denies the Allegations of Data Breach by French Hacker

 

Koo, a home-grown microblogging platform has come under the scanner after a French ethical hacker known by the moniker Elliot Alderson on Twitter uncovered the security loopholes in the Koo app. Cybercriminals can exploit the vulnerabilities in the app to retrieve personally identifiable information such as e-mail ID, date of birth, name, marital status, gender, and more.

Several Union ministers, politicians, and film actors are switching to the micro-blogging platform Koo but this leak has raised serious concerns regarding the safety of private information of the users. “You asked so I did it. I spent 30 min on this new Koo app. The app is leaking the personal data of users: email, dob, name, marital status, gender…” Alderson tweeted with emended screenshots of the data he was able to access.

Aprameya Radhakrishna, Koo’s co-founder, and CEO responded that the app is fully secured and data visible is something that the users have voluntarily shown on the profile. Aprameya explained on Twitter that “some news about data leaking being spoken about unnecessarily. Please read this: The data visible is something that the user has voluntarily shown on their profile of Koo. It cannot be termed a data leak. If you visit a user profile you can see it anyway”.

Alderson countered the tweet by sharing a screenshot of an IAS officer on Koo, he claimed he could gain access to the data of an IAS officer without it being visible on the profile page and he tagged Aprameya in his tweet.

Aprameya replied to the tweet – “@fs0c131y (Elliot Alderson) We’re attempting to do something for our country, India. All help is appreciated. If you want to help out in this journey of ours please write to me at ar@kooapp.com and we can take a look at all the feedback you have. Thanks!” 

The popularity of the Koo app is increasing with each passing day and has surpassed over 3 million downloads on both Google Play and the Apple app store. Observably, the app is seen as the alternative to Twitter and many prominent personalities have moved to the Koo app.

WhatsApp Clients Resort to Other Messaging Platforms

 

WhatsApp has told its two billion clients they should permit it to share information with its parent organization Facebook if they wish to keep utilizing it. All WhatsApp clients would not be able to proceed with the service except if they accept the new terms by 8 February. The stage said the update will empower it to offer features, for example, shopping and payments. 

Message platforms Signal and Telegram have both seen a gigantic surge in downloads around the world over after a questionable update to WhatsApp's terms and conditions. 

As per information from analytics firm Sensor Tower, Signal was downloaded all around the world multiple times the week before WhatsApp declared the change on 4 January and 8.8 million times the week after. This included big surges in India, where downloads went from 12,000 to 2.7 million, the UK from 7,400 to 191,000, and the US from 63,000 to 1.1 million. In a progression of tweets, Signal said a few people were detailing issues with creating groups and postponements to verification codes showing up in light of the fast development but that it was addressing the issues. 

Telegram has proved to be even more popular, with downloads booming all around the world from 6.5 million for the week starting 28 December to 11 million over the next week. In the UK, downloads went from 47,000 to 101,000. Furthermore, in the US they went from 272,000 to 671,000. During the same period, WhatsApp's worldwide downloads shrank from 11.3 million to 9.2 million. 

One industry watcher said he didn't think this fundamentally spoke to a major issue for WhatsApp, which has been downloaded 5.6 billion times since its launch in 2014. 

"It will be hard for opponents to break user habits, and WhatsApp will keep on being one of the world's most popular and broadly utilized messaging platforms," said Craig Chapple, mobile insights strategist at Sensor Tower. 

WhatsApp reassured its clients that it doesn't keep logs of every individual who is messaging, it can't see your shared location, it doesn't share your contacts to Facebook, and that groups can stay private. It likewise exhorts clients that they actually have the choice to set messages to disappear and that they can't download their information. WhatsApp's clarification may figure out how to reassure a few clients that the privacy changes aren't as troubling as first dreaded, yet for other people, it might have come past the point of no return.

Aurora Cannabis Breach Exposes Personal Data of Former, Current Workers

 

Recently, Marijuana Business Daily has disclosed a data breach at Aurora Cannabis. The security incident compromised the credential information of an unknown number of employees of the Canadian company. The data breach was not restricted to the current employees of the company but also encompassed the former employees as well. 

A victim has shared an email of a data breach with Marijuana Business Daily which was sent to him on Dec. 25, “cybersecurity incident during which unauthorized parties accessed data in (Microsoft cloud software) SharePoint and OneDrive.” The email read. 

The victim, a former employee of Aurora Company who was terminated in February 2020 with other hundreds of employees, didn’t get notification of the breach until late December 31. The source said that working for Alberta-based Aurora was “an experience that I think a lot of people want to forget.” 

“And then getting a reminder on the last day of 2020, just hours to go before 2020 ended, was just a bit of a kick to the face,” he further added. The former employee said that he had talked with three present workers at Aurora and five other former employees about the information that has been exposed. Each of them reported a different kind of data breach, some reported breach of their credit card information and government identification, while others said that their home address and banking details were exposed, he added. 

The company’s spokeswoman Michelle Lefler has confirmed that the company “was subject to a cybersecurity incident” on Christmas Eve. It has affected both present and former employees of the company. 

As of now, it remains unclear what "kinds" of personal information were exposed. “The company immediately took steps to mitigate the incident, is actively consulting with security experts and cooperating with authorities,” Lefler wrote in a statement. 

“Aurora’s patient systems were not compromised, and the company’s network of operations is unaffected.” Further, she added, for now, I am unable to provide the specific number of Aurora employees whose data was exposed. I can confirm we are following all security protocols, are working with privacy councils and law enforcement, and have communicated directly with any impacted current or former employee,” Lefler added.

Researcher Exposes Telegram's Location Bug, Company Say It's a Feature

An expert who observed that messaging platform Telegram's "People Nearby" feature revealed risk of accurate user location, is now informed that the feature is "working as expected." Users who use the "People Nearby" feature can view a list of other telegraph users within a short mile radius. Users can also find local group chats.  

Ahmad Hassan used a software that allowed him to fake the location of his Android phone, using it, he found locations of individuals from three different points. He used trilateration to pinpoint exact user location. Using this method, Ahmed could get accurate location of the users, including their home addresses, which is quite easy.  Hasan had found the issue hoping to get Bug Bounty as a reward, instead, he was told that the Telegram users share their locations intentionally i the "People Nearby" section. To determine the exact location of the users, one can expect sometimes to find it under certain conditions.  

But Hasan says that when a user allows "People Nearby" location, he is indirectly posting his residential address online. Many of the users are unaware of this information while they are using the feature. He also believes a widespread problem exists where hackers or users with malicious intent can use fake locations to join local group chats, and attack users with spams or phishing attacks using malicious links. It includes fraud links and fake Bitcoin investments, which is a proof to the poor app security.  Telegram claims that their platform is "more secure than mass market messengers like WhatsApp and Line." 

However, Telegram fails to mention the risks that can arise from malicious users. Others apps in recent times have also experienced the location issue.  The Register reports, "obtaining the location of nearby users is not an issue exclusive to digital devices. A stranger may follow someone home, for example. It is also not so long ago that a huge printed directory of local names, addresses, and telephone numbers used to be delivered to almost every home in many countries – and in the UK BT's online Phone Book service still offers a person search, including address details for those who have not opted out."

Learn how to Hide your WhatsApp Profile Picture and Why ?

 

The latest statistics of the messaging app usage have shown that WhatsApp has 2.0 billion users worldwide, which doesn't come as a surprise given the tremendous popularity and wide-acceptance of the messaging platform. 

Moreover, it is interesting to note that now businesses around the world have also integrated WhatsApp communication for purely work-related purposes, wherein people connect with one another because they are working in the same organization. 

However, it doesn’t necessarily mean that they can trust every person in their organization or that they do. Sometimes what happens is that one never wishes to show his or her display picture to the people whom they rarely know but are required to communicate with them through WhatsApp because of their professional work. 

Now, everyone doesn’t know how to hide their profile picture from unknown users, hence everyone who has their number or with whom they had a little dialogue on WhatsApp is able to see their profile picture and can also potentially take a screenshot of the same. Have you been in one such situation? If yes, we are here to educate you regarding the same. Do you know WhatsApp provides its users with very neat privacy features which allow us to save our privacy from non-friendly contacts, while letting your friends see your profile picture, at the same time? 

How to do it? 


To access the privacy features of WhatsApp in its entirety, follow the steps given below. 

First Open WhatsApp and go to ‘Settings’. 

Now click on ‘Account’ and then click on ‘Privacy’. 

Then, tap on Profile Photo.  

Now you must be able to see that the default setting here allows 3 options to choose first, “Everyone”, second, “My Contact’’ and third, “No One’’. 

So now what you have to do just select the second option “My Contact’’, this privacy feature will only allow your saved contact number to see your profile picture, while others will be seeing a grey avatar on your profile, instead of the picture you had put on display. And, if you wish to not reveal your profile picture to anyone then you can select the third option “Nobody”. This will hide your picture from everyone on the messaging app. 

To your dismay, unfortunately, currently, there is no option that will allow you to hide your profile picture from a particular bunch of users like it does for story privacy settings.

Data Breach: Stolen User Records from 26 Companies Being Sold Online

 

A data broker has been allegedly selling stolen user data of twenty-six companies on a hacker forum. Reportedly, the hacker who has put on sale the stolen data for certain companies at a particular price – is yet to decide the pricing for the rest of the stolen databases. 

The hacker behind the sale has stolen a whopping total of 368.8 million user records majorly from companies that previously reported 'Data Breach', however, seven new companies that joined the list were – Sitepoint.com, Anyvan.com, MyON.com, Teespring.com, Eventials.com, ClickIndia.com, and Wahoofitness.com.

Dark Web and Hacking Forums keep making headlines for their notorious relationship with data brokers and hackers who extensively use these platforms to leak or sell databases containing user information/credentials/records acquired during data breaches of various companies worldwide who later confirm the breaches. However, in the aforementioned case, only MyON and Chqbook have confirmed the data breaches, the other six companies have not given any statement confirming that they have experienced a data breach.

In a conversation with BleepingComputer, while confirming that their networks were compromised, MyON.com said, "In July 2020 we were made aware of a bad actor trying to sell portions of our data on the dark web. We immediately began investigating to shut down any continued threats to our data or the data of our customers. We were then able to confirm that according to federal and state privacy laws, no confidential student or customer data was compromised, and this incident did not rise to the level of an actual breach of student private data."  

Whereas, while denying the claims of a data breach, Chqbook.com emailed BleepingComputer, saying, "There has been no data breach and no information belonging to our customers has been compromised. Data security is a key priority area for us and we conduct periodic security audits to ensure the safety of our customers’ information,"  

The companies that fell prey to the data breach are as follows: MyON.com (13 million), Singlesnet.com (16 million), Teespring.com (8.2 million), ModaOperandi.com (1.2 million), Chqbook.com (1 million), Pizap.com (60 million), Anyvan.com (4.1 million), Fotolog.com (33 million), Eventials.com (1.4 million), Wahoofitness.com (1.7 million), Reverbnation.com (7.8 million), Sitepoint.com (1 million), Netlog.com (53 million), Clickindia.com (8 million), Cermati.com (2.9 million), Juspay.in (100 million), Everything5pounds.com (2.9 million), Knockcrm.com (6 million), Accuradio.com (2.2 million), Mindful.org (1.7 million), Geekie.com.br (8.1 million), Bigbasket.com (20 million), Wognai.com (4.3 million), Reddoorz.com (5.8 million), Wedmegood.com (1.3 million), Hybris.com (4 million). 

Users who happen to be a part of any of the abovementioned websites are strongly advised to update their passwords, preferably something unusual and strong enough to thwart a brute-force attack.

Google’s Data Security: How Google Protects your Data from Cyber Threats?



The world is moving very fast towards technology and materialism. Subsequently, it has become increasingly difficult for people to shun away from online services. According to the reports, Google has a large international market – over 50% of its customers represent premier business customers. Interestingly, more than 5 million businesses have chosen Google Apps services for their Businesses. Users of online services are much familiar with Google and its products but cyber threats always threaten people and make them question the security of their data. Is Google selling their data or personal information? 

According to Google, the tech giant takes the following measures- 

Physical Security - Google claims that it provides 24/7 physical security to all data centers located across the world. The organization is also known for its advanced measures such as laser-based surveillance and biometric identification to protect its employees from cyber threats and identity theft. 

The company’s in-house disaster response team assures that even during natural disasters such as fire, flood, etc which hits the physical location of its data center Google still manages to use security monitoring to protect users from malware. The company also says, “We constantly monitor all applications, deploy patches through automated network analysis and proprietary technology, it helps us in detecting threats such as malware, viruses, and other forms of malicious code’’. 

Encryption-  Encryption means ‘the process of converting information or data into a code, especially to prevent unauthorized accesses’. The company states that ‘we use encryption into every data flow so customer’s data remain protected from any kind of snooping activities funded by official government actors. Furthermore, the tech giant added that it protects all the data access to security technologies such as HTTP and TLS or Transport Layer Security so that all email content remains inaccessible to malicious actors.

Malware protection-  According to Google, Google ensures protection to its users from any malware by deploying automated network analysis solution which keeps all kind of malicious codes away from customers credential information, with that company also use multi-purpose tools for software security and quality assurance.

Customized hardware- Google ensures that its hardware remains well protected with highly customized server components against any network infiltration by hackers. It also ensures that only its legitimate devices access the user’s data which are all under protection. 

Incident Response–A team of “Incident Management Program’’ (IMAG) at Google says, that our incident response team is 24/7 active at every data center to protect individuals' data by altering every individual if any malicious activity has been found on their account. 

Limited Access- Google gives limited access to important data which includes; business data, highly sensitive information to its employees, by doing this Google ensures security and privacy at every stage of its system.

Walleon Smart Wallet – where Elegance, Fashion, and Innovation meet


With everything evolving around us, technology has reached another great peak when smart wallets came to the market. Being sure, everyone feels the same way, it was about time we are all able to protect our wallets from being stolen or lost, and this has been made finally possible. And to reach a time when the trackable wallet is not only smart for its anti-theft technology, but it’s also made of high-quality products and speaks of a huge fashion trend, well, it’s time we acknowledge its perfection. Let's start with the things that make it so great. 
 
Safety and protection by tracking your wallet 

Walleon lets you choose between Bluetooth tracking, which offers a more limited range, and Global GPS tracking that allows you to keep track of your wallet worldwide. This means that you can use the app on your phone to track where your wallet is. Moreover, while you may not yet know that your wallet is missing, the app will activate an anti-lost distance notification or alarm, based on the app settings. 
 
Anti-theft camera 

The in-built camera is an excellent addition to the wallet and offers a ton of other features except for the anti-theft function itself. When you realize that your wallet is stolen, you can activate the emergency mode, and it will start taking photos and sending them to your phone every few seconds. One of the many other favorite features is the option for selfies. You put your Walleon at a distance, and by using your phone, you take a picture of you and or you and your friends. 
 
SOS call button 

Another top-notch advantage the smart wallet gives you is the SOS call option. How does it work? First, you need to insert a SIM card in your wallet - prepaid or other. Then you need to set one or more SOS numbers through your app, and when in need, you can dial those numbers by using your wallet by holding a hidden button for a few seconds. For example, when you break your phone and there is no other way of contacting someone, or you had a car crash with no one around you, you fell during hiking or any other unfortunate situation or accident. Your Walleon will help you make the needed call and save you. 

LED light 

Although we all love the features above, this one is definitely the one that holds us captive more. And why not? It’s amazing! The light goes through the wallet, and you can change the color in any way you prefer - to match it with your outfit and accessories or even your mood. The function is fully optimized to save battery. The camera acts as a sensor, so when the wallet is in your pocket or covered, it turns off the light. Not only that but it can also auto stop after a few minutes (you can set your period for when the light should turn off) or turn it off permanently from the app on your phone. The LED light has low power consumption; the battery is 2500mah, and it also lights the money pocket so you can count your money in a low-light place. 
 
Portable battery charger 

Yes, that’s right! You can use your wallet also to charge your phone on the go. The battery is ultra-thin, in-built, and offers a fantastic opportunity to keep your phone fully charged all the time. RFID protection Speaking of all kinds of protection, as you’ve noticed, Walleon’s team is devoted to serving your needs, and it was created to make sure you are protected first. That is why RFID protection is such a great asset. 

There are many frauds for digital theft and the RFID option actually protects your credit and debit cards from those devices trying to export data and money from them. Your cards in Walleon are safe. Providing that many remarkable benefits, Walleon is a top-notch technology that fits your pocket with the best design ever made - high-quality leather, perfect sizes, and lightweight. Having it means being one step ahead of fashion and bringing your own style to a whole new level. 
 
You can find more information on our website https://walleon.net/ or in our Facebook Group.

Deepfake Bots on Telegram, Italian Authorities Investigating

 

Cybercriminals are using a newly created Artificial Intelligence bot to generate and share deepfake nude images of women on the messaging platform Telegram. The Italian Data Protection Authority has begun to investigate the matter following the news by a visual threat intelligence firm Sensity, which exposed the 'deepfake ecosystem' — estimating that almost 104,852 fake images have been created and shared with a large audience via public Telegram channels as of July 2020. 
 
The bots are programmed to create fake nudes having watermarks or displaying nudity partially. Users upon accessing the partially nude image, pay for the whole photo to be revealed to them. They can do so by simply submitting a picture of any woman to the bot and get back a full version wherein clothes are digitally removed using the software called "DeepNude", which uses neural networks to make images appear "realistically nude". Sometimes, it's done for free of cost as well. 
 
According to the claims of the programmer who created DeepNude, he took down the app long ago. However, the software is still widely accessible on open source repositories for cybercriminals to exploit. Allegedly, it has been reverse-engineered and made available on torrenting websites, as per the reports by Sensity. 
 
In a conversation with Motherboard, Danielle Citron, professor of law at the University of Maryland Carey School of Law, called it an "invasion of sexual privacy", "Yes, it isn’t your actual vagina, but... others think that they are seeing you naked."   

"As a deepfake victim said to me—it felt like thousands saw her naked, she felt her body wasn’t her own anymore," she further told. 
 
More than 50% of these pictures are being obtained through victims' social media accounts or from anonymous sources. The women who are being targeted are from all across the globe including the U.S., Italy, Russia, and Argentina.
 
Quite alarmingly, the bot has also been noticed sharing child pornography as most of the pictures circulated belonged to underage girls. The company headquartered in Amsterdam also told that the vicious Telegram network is build up of 101,080 members approximately. 

In an email to Motherboard, the unknown creator of DeepNude, who goes by the name Alberto, confirmed that the software only works with women as nude pictures of women are easier to find online, however, he's planning to make a male version too. The software is based on an open-source algorithm "pix2pix" that uses generative adversarial networks (GANs). 
 
"The networks are multiple because each one has a different task: locate the clothes. Mask the clothes. Speculate anatomical positions. Render it," he told. "All this makes processing slow (30 seconds in a normal computer), but this can be improved and accelerated in the future."

PoetRAT Targeting Public and Private Sector in Azerbaijan

 



APT groups have been targeting the public sector and other major organizations in Azerbaijan via recent versions of PoetRAT. Notably, the threat actor has advanced from Python to Lua script and makes use of Word documents to deploy malicious software.
 
PoetRAT was first discovered by Cisco Talos, it was being distributed using URLs that falsely appeared as Azerbaijan’s government domains, giving researchers a reason to believe that the adversaries intended to target citizens of the Eurasian country, Azerbaijan. The threat actors also attacked private organizations in the SCADA sector such as ‘wind turbine systems’. However, the recent campaigns that unfolded in the months of September and October were targeted towards the public sector and VIPs. In later updated versions, the operators worked out a new exfiltration protocol to cover their activities and avoid being caught. 
 
Written in Python and split into various parts, the malware provides full control of the infected system to the operation. It gathers documents, pictures from the webcam, and even passwords, employing other tools. In an attempt to improve their operational security (OpSec), the attacker replaces protocol and performs reconnaissance on infected machines. 
 
Over the past months, the developers of the malware have continuously evolved their strategies to penetrate into more sophisticated targets. The campaign demonstrates how the attackers manually pushed additional tools like keyloggers when required onto the infected machines. To name a few more, camera control applications, generic password stealers, and browser- focused password stealers. Besides malware campaigns, the operators also employed the same infrastructure to perform a phishing campaign wherein the phishing website impersonates the webmail of Azerbaijan’s Government.
 
Other instances when Azerbaijan grappled with cyberattacks include a data breach faced by the Azeri Navy sailors. The hacked data belonged to 18,872 sailors of the Azerbaijan Navy which included their full names, DOB, passport numbers, and expiry dates. In another attack, a U.K based live flight tracking service underwent DDoS attacks that temporarily halted its services, the attack is alleged to be having links with the ongoing geopolitical conflicts in Azerbaijan.

Facebook Bans Suspicious Russian Accounts, Says Russian Spy Intelligence Interfering With U.S Presidential Election


Social networking giant Facebook says it terminated three fake account networks that could have been working for Russian intelligence. The intelligence, according to FB, might be leaking suspicious documents before the U.S presidential elections. According to FB, the suspended accounts contained fake users and identities and were suspended for 'coordinated inauthentic behavior.' The company associated all these accounts to Russian intelligence and hackers linked to St. Petersburg organization based in Russia.

The U.S officials accuse the group of meddling with the 2016 U.S presidential elections and votes. As per now, the Russian authorities haven't responded to these allegations. Neither did the Russian foreign aid ministry when asked for the comment regarding the issue. Since the beginning of its rivalry with the U.S, it is common knowledge that Russia has always denied allegations of interference in the U.S. According to Russia, the country doesn't meddle with the domestic policies of the U.S, and it has nothing to do with the presidential elections.
There was no solid proof whether the fake accounts leaked the hacked documents, but suspending these accounts helped us prevent any future leak, says Nathaniel Gleicher, head of security, Facebook. "Our team watches for the threats and trends that we need to be ready for, and one that we are very aware of ... is a hack-and-leak operation, particularly in the next 6-8 weeks. We want to make sure that the accounts are down to prevent their ability to pivot them to facilitate a hack-and-leak around the U.S. election," told Nathaniel to Reuters. 

Reuters reports, "Facebook said the networks were small with only a handful of accounts on its website and photo-sharing service Instagram, some of which posed as independent media outlets and think tanks. The accounts had a combined total of around 97,000 followers. While some of the activity did target audiences in Britain and the United States, the networks were predominantly focused on countries in the Middle East and bordering Russia, such as Syria, Turkey, Ukraine, and Belarus, Facebook said."

Twitter Rolled-out its Latest Feature that Lets Users Limit Reply



In an attempt to make conversations more effective and meaningful, Twitter has rolled out a new feature that will allow users to have a little more control over who is showing up in their mentions, the feature will enable users to get rid of spam in their conversations by limiting who can reply to their Tweets.

Before being launched globally on 11th August for both the Android and iOS users, the feature underwent a brief run in beta. It is now available for the Twitter App on both the platforms and also for the users accessing the platform via the official website twitter.com.

How the feature works?


While posting a tweet, you will come across a small globe icon at the bottom, upon tapping on that, three options will appear to choose who can reply to your tweet. If you choose nothing, the setting will remain default – meaning anyone can reply to the tweet or you can limit replies just to those who are tagged in the tweet; or only to your followers.

After selecting the preferred option, you are all set to compose your tweet and click on the 'Tweet' tab to publish it. One important thing to note here is that once the tweet is posted, you won't be able to change the reply settings for that particular tweet.

However, users must also note that people who are restricted from replying will get a greyed-out icon, but they will still be able to view and share your tweets – they can Retweet, Retweet with Comment, and like the tweet.

The feedback received by the users has been positive so far, indicating that users have felt more comfortable and guarded against abuse, trolls, and spam.

As per a blog post by Director of Product Management, Suzanne Xie, the new feature is successfully preventing about three potentially abusive replies while adding one potentially abusive retweet with comment.

Referencing from Xie's observations, “Sometimes people are more comfortable talking about what’s happening when they can choose who can reply,”
“We’ve seen people use these settings to have conversations that weren’t really possible before. Starting today, everyone will be able to use these settings so unwanted replies don’t get in the way of meaningful conversations," the blog post read.

"Since your Tweet = your space, we've been testing new settings to give people more control over the conversations they start. Sometimes people are more comfortable talking about what's happening when they can choose who can reply. We've seen people use these settings to have conversations that weren't really possible before. Starting today, everyone will be able to use these settings so unwanted replies don't get in the way of meaningful conversations," Xie further said in a statement.

CNY Works Data Breach: Personal Details of 56,000 Customers Exposed


Social Security numbers, names, and other personal details of around 56,000 individuals were exposed as CNY Works faced a data breach. The data breach potentially affected people who sought employment via the company's services.

CNY Works is a New York-based non-profit corporation working to help businesses and job-seeking individuals with the objective of providing skilled workers to businesses and employment for those seeking a job within Central New York – providing a single entry point for Workforce Information.

The agency started sending letters to all its affected customers, warning them about the security breach – the officials told that files compromised during the attack (likely to be a ransomware attack) on their servers consisted of their names and Security numbers. However, the agency did not spot signs of any data being accessed, viewed, or taken down by the threat actors.

Social Security number is a nine-digit number used to record a person's earnings and verify his identity whenever he starts a new job; having your social security number compromised can lead to identity theft in various ways, cybercriminals can sell people's identities on the dark web marketplaces to highest bidders. In a way, it's like getting your bank account info. stolen, only that you can always get a new bank account number, while new Social Security numbers are rarely issued by the concerned administration.

While addressing the security issue, Lenore Sealy, executive director for CNY Works, said in an email to media outlets, “We are sending notification letters to approximately 56,000 individuals.”

“However, we are notifying individuals out of an abundance of caution. CNY Works has no evidence that any of the personal information for these individuals has been misused, or even that any of the personal information in its possession was accessed or stolen as a result of this incident.” The email further read.

Twitter Data Breach: Apology Sent to Potentially Affected Business Clients


The cyberspace has reportedly witnessed a fivefold increase in malicious attacks since the spread of the Coronavirus pandemic, it's primarily because people have been sidetracked due to systematic threat posed by the coronavirus that cybercriminals are not missing any chance of capitalizing on the adversity. Another reason guiding the crisis is based on the fact that IT has become the backbone of organizations as more and more employees turn to work remotely. In light of that, Twitter has become the latest victim of the crisis as the officials apologize for a business data breach.

Attackers have yet again gained access to personal details of Twitter users following a data breach that led the social media owners to seek an apology from its business clients and other users as well. The allegedly compromised data includes highly sensitive information related to the company's business clients' i.e., their phone numbers, email addresses, and last 4 digits of credit card numbers.

While confirming the data breach to TechCrunch, one of the Twitter's spokesperson told that when the billing information on ads.twitter.com or analytics.twitter.com was being viewed, some of the details were getting stored in the browser's cache.

Twitter warned the users of the serious data breach itself by sending emails to its business clients, acknowledging and appreciating the trust their users' place in them, meanwhile delivering a sincere apology for the security incident that might have led to a possible data breach.

"We're very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day." The email read.

"We are writing to let you know of a data security incident that may have involved your personal information on ads.twiiter and analytics. Twitter," Twitter said in a message to its potentially affected customers.

"We became aware of an issue that meant that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter the billing information may have been stored in the browser's cache."

The issue was taken care of as soon as it came to the notice of the company, while Twitter also ensured that clients' who were
likely to be impacted by the security breach are made fully aware and provided with all the necessary information on how to keep themselves secure.

One Of Tech Giant Oracle’s Many Start-ups Uses Tracking Tech to Follow Users around the Web


The multinational computer technology corporation Oracle has spent almost 10 years and billions of dollars purchasing startups to fabricate its own one of a kind ‘panopticon’ of users' browsing data.

One of those startups which Oracle bought for somewhat over $400 million in 2014, BlueKai, is scarcely known outside marketing circles; however, it amassed probably the biggest bank of web tracking data outside of the federal government.

By utilizing website cookies and other tracking tech to pursue the user around the web, by knowing which sites the user visits and which emails they open, BlueKai does it all.

BlueKai is supposedly known to depend intensely on vacuuming up a 'never-ending' supply of information from an assortment of sources to comprehend patterns to convey the most exact ads to an individual's interests.

The startup utilizes increasingly clandestine strategies like permitting websites to insert undetectable pixel-sized pictures to gather data about the user when they open the page — hardware, operating system, browser, and any data about the network connection.

Hence it wouldn't be wrong to say that the more BlueKai gathers, the more it can infer about the user, making it simpler to target them with ads that may lure them to that 'magic money-making click'.

Marketers regularly utilize this immense amount of tracking data to gather as much about the user as could reasonably be expected — their income, education, political views, and interests to name a few — so as to target them with ads that should coordinate their apparent tastes.

But since a server was left unsecured for a time, that web tracking data was spilling out onto the open internet without a password and at last ended up uncovering billions of records for anybody to discover.

Luckily security researcher Anurag Sen found the database and detailed his finding to Oracle through an intermediary — Roi Carthy, chief executive at cybersecurity firm Hudson Rock and former TechCrunch reporter.

Oracle spokesperson Deborah Hellinger says, “Oracle is aware of the report made by Roi Carthy of Hudson Rock related to certain BlueKai records potentially exposed on the Internet. While the initial information provided by the researcher did not contain enough information to identify an affected system, Oracle’s investigation has subsequently determined that two companies did not properly configure their services. Oracle has taken additional measures to avoid a reoccurrence of this issue.”

Subsequent to reviewing into the information shared by Sen, names, home addresses, email addresses, and other identifiable data was discovered in the database.

The information likewise uncovered sensitive users' web browsing activity — from purchases to newsletter unsubscribes.

While Oracle didn't name the companies or state what those additional measures were and declined to respond to the inquiries or comment further. In any case, it is clearly evident that the sheer size of the exposed database makes this one of the biggest security 'lapses' by this year.

Wishbone Breach: Hacker Leaks Personal Data of 40 Million Users


Personal data of 40 million users registered on Wishbone has been published online by hackers, it included user details like usernames, contact numbers, email addresses, Facebook and Twitter access tokens, DOBs, location, gender, and MD5 hashed passwords. Researchers have confirmed the authenticity of the data that has found to be accurate – belonging to the users who have used the app. It could be used by attackers to carry out various malicious activities such as phishing campaigns, identify thefts, credential stuffing attacks, and account takeovers.

Wishbone is a mobile survey app that provides users a social platform to compare social content, the app hasn't disclosed its total user count in recent times, Wishbone has been enlisted as one of top 50 most popular social networking apps in iOS App Store for years now, also making it to the top 10 in its prime.

This breach came as the second-largest security incident in the last three years for the app, earlier in 2017, hackers breached around 2.2 million email addresses and 287,000 phone numbers. It mainly contained kids' personal details. However, the recent breach mainly consists of numbers belonging to young women.

According to the reports, the database was circulating secretly since March, it has been put up for sale on dark web forums for thousands of dollars. Later, 'ShinyHunters', a dark web trader who allegedly leaked the data, stated that they will be publishing the data for free after individuals began reselling it.

While commenting on the matter, senior vice president of data security specialists comforte AG, Mark Bower said, “It looks like security and privacy have been an afterthought, not a matter of culture and software development process. If the passwords are hashed with MD5, then the users affected should be immediately making sure their ID’s and passwords aren’t used elsewhere with the same password. MD5 is a goner as far as security is concerned but used by mistaken developers unfamiliar with its security risks or using older code libraries using MD5. Hashed MD5 passwords aren’t difficult to brute force. The bigger issue here is the personal data though – so now attackers have a bunch more data for social engineering.”

Security experts have recommended Wishbone users to update or change their passwords and stay wary of any suspicious activity in their account.

Fake Email Campaign Demanding Ransom in Cryptocurrency


Internet users have been alerted by national federal cybersecurity agency against a fake email campaign that is going on in the country; the authors behind the campaign are threatening to post a personal video of a victim that they claim to have recorded if the demanded ransom in the form of cryptocurrency is not paid to them.

While assuring users that there's nothing major to worry about these emails as the claims made in it are fake, the Computer Emergency Response Team of India (CERT-In) in a related advisory, suggested users assign new passwords to all their online platforms including their social media handles.

CERT-In (the Indian Computer Emergency Response Team) is a government-mandated information technology security organization. It has been designated as the national agency to respond to computer security incidents. The purpose of CERT-In is to issue guidelines, advisories, and promote effective IT security practices throughout the country.

A number of emails have been sent as a part of the campaign, claiming that the receiver's computer was compromised and a video was recorded via their webcam and that the sender has access to their passwords, as per the CERT-In latest advisory on the matter. The attacker attempts to convince the user into falling in his trap by mentioning his previous password in the email, then by strategic use of computer jargon, the attacker comes up with a story to appear as a highly-skilled scammer to the recipient. The story tells the victim that while he was surfing a porn website, his display screen and webcam was compromised by a malware placed by the hacker onto the website. It states that all of the user's contacts from Facebook, email, and messenger have been hacked alongside.

As these emails are scams and claim false information, users are advised to not get tricked into paying the demanded ransom in haste as even if the password mentioned by attackers in the email seems familiar it's because they accessed it via leaked data posted online and not through hacking their account. All you have to do is change or update your password for all the online platforms where it is being used.

Dutch Government Loses Hard Drive Containing Data of 6.9 Million Donors


Officials from the Dutch Ministry of Health, Wellness, and Sport confirmed this week that the government has lost two external hard disk storage devices that contained electronic copies of all donor forms filled with the Dutch Donor Register between February 1998 to June 2010, it was used to store personal information such as the first and the last name, date of birth, ID card numbers, address while filling the form, gender, copy of signatures and choice of organs being donated of about 6.9 million organ donors.

It was when authorities decided to sweep out old donor registration paper forms and wanted to get rid of electronic copies of all these donor forms, they discovered that the two aforementioned disks are nowhere to be found. There have been no comments made onto the encryption of data, it's not in public knowledge that whether the data was encrypted not.

The disks were last accessed almost four years ago and were put securely inside a safety vault for keeping a record, as per the statements given by the Dutch Donor Register, the hard disks were no longer to be found in the security vault and are still unaccounted for. Reportedly, the data stored into the disks belonged to over 6.9 million Dutch people – a few out of whom may no longer be alive, as per the authorities.

Although there is no proof regarding the data being stolen or misused by anyone, officials claimed that the lost donor forms do not consist of Dutch ID copies and other official documents of the people of Dutch which automatically reduces the likability of fraud or an identity theft taking place amid the incident of lost hard drives. The Minister for Health, Wellness, and Sport confirmed that the event did not affect the Donor Register's ability to deliver accurate donor data.

Facebook Sues Data Analytics Firm for Improperly Harvesting User Data


On Thursday, Facebook filed a federal lawsuit in California Court against OneAudience, a New Jersey-based marketing firm mainly involved in data analytics. The social media giant claimed that the firm was paying app developers to secretly harvest its users' data by getting an infectious software SDK installed onto their apps. The SDK was planted in various gaming, shopping, and utility-type applications available to download from the Google Play Store, as per the court documents.

A software development kit also known as SDK is a downloadable collection of software development tools used for developing applications. It consists of the basic tools a developer would require to build a platform-specific app with ease and excellence. In other words, SDK basically enables the programming of mobile applications. However, these packages have their drawbacks too as they also contain tools like trackers and it collects information about devices and app usage to send it back to the SDK maker.

Facebook alleged in the lawsuit that OneAudience has blatantly misused the feature "login with Facebook" to acquire unauthorized access to sensitive user data without any permissions. OneAudience has also been accused of paying apps to gain access to users' Twitter and Google data when they log into the infected apps using their account info.

"With respect to Facebook, OneAudience used the malicious SDK – without authorization from Facebook – to access and obtain a user's name, email address, locale (i.e. the country that the user logged in from), time zone, Facebook ID, and, in limited instances, gender," Facebook remarked.

Earlier in November 2019, social media giants Twitter and Facebook told that OneAudience collected private user information and the incident left hundreds of users affected as their privacy was compromised when OneAudience illegally collected their names, email addresses, usernames, genders and latest posts through SDK.

While commenting on the matter, Jessica Romero, Director of Platform Enforcement and Litigation, said "Facebook's measures included disabling apps, sending the company a cease and desist letter, and requesting their participation in an audit, as required by our policies. OneAudience declined to cooperate."

"This is the latest in our efforts to protect people and increase accountability of those who abuse the technology industry and users," she further added.

SoPo Nonprofit Told, Unknown Number of Clients Affected by Data Breach


A South Australian company, PSL Services, also known as Peregrine Corporation involved in the operation of service stations, convenience retail outlets and tobacconists recently disclosed a data breach to Mainebiz.

The company administered from its head office in Kensington Park, South Australia told that personal data of its employees including their names, email accounts, some medical information along with other sensitive information may have been accessed illegally between December 16 and December 19, 2019. Other information accessed without authorization includes address, DOB, Driving License Number, Social Security Number and Identifying Numbers of clients for participation in Mainecare.

There have been no speculations made by the corporation as to who is behind the public breach of its confidential data, however, the officials told in an email that there are chances that the criminal behind the incident was trying to force the agency in sending funds electronically which they did not.

Post-incident, the company was subjected to back to back investigations and it refused to specify the number of employees being affected. PSL did not provide other details regarding the incident such as whether the individuals were clients, employees, family members or others. As per some news releases, PSL came to know about the breach on 17th December after some suspicious activity was observed in an employee's email account, it immediately reported the same to its information services department.

The corporation told that it had “notified the Office of Civil Rights at U.S. Department of Health and Human Services, the Maine Attorney General, and prominent news media outlets throughout the state of Maine."

Referencing from the statements given by Lori Sanville, executive director, “The contents of a small number of email accounts were exposed,”

“The number is unknown until the data mining is completed. We will then contact anyone affected.”

In regard of the same incident, PSL also contracted with a cybersecurity vendor to further investigate the matter and come up with security measures, as per Sanville. In addition, she told Mainebiz, “We want our clients and the community to know that we take this matter very seriously and that we remain committed to assisting our clients first and foremost."