Here we go again.
A hacker
gained access to 100 million Capital One credit card applications and
accounts
In
one of the biggest data breaches ever, a hacker gained access to more
than 100 million Capital One customers' accounts and credit card
applications earlier this year.
Paige
Thompson is accused of breaking into a Capital One server and
gaining access to 140,000
Social Security numbers, 1 million Canadian Social Insurance numbers
and 80,000 bank account numbers, in addition to an undisclosed number
of people's names, addresses, credit scores, credit limits, balances,
and other information, according
to the bank and
the US Department of Justice.
A
criminal complaint says Thompson tried to share
the information with others online.
The 33-year-old, who lives in Seattle, had previously worked as a
tech company software engineer for Amazon Web Services, the cloud
hosting company that Capital
One was using,
the Justice Department said. She
was able to gain access by exploiting a misconfigured web application
firewall,
according to a court filing.
… Capital
One said it will notify people affected by the breach and will make
free credit monitoring and identity protection available. The
company expects to incur between $100 million and $150 million in
costs related to the hack, including customer notifications, credit
monitoring, tech costs and legal support due to the hack.
… The criminal complaint against Thompson
paints a picture of a less-than-careful suspect.
Thompson posted the information on GitHub, using
her full first, middle and last name, the complaint says. She also
boasted on social media that she had Capital One information.
Perfectly timed for tomorrow’s encryption
lecture.
ACLU on the
GCHQ Backdoor Proposal
Back
in January, two senior GCHQ officials proposed
a
specific backdoor for communications systems. It
was
universally
derided
as
unworkable – by me,
as well. Now Jon Callas of the ACLU explains
why.
Automating Privacy. Can it guarantee GDPR
compliance?
Microsoft
acquires data privacy and governance service BlueTalon
Microsoft today announced that it has acquired
BlueTalon, a data privacy and governance service that helps
enterprises set policies
for how their employees can access their data. The
service then enforces those
policies across most popular data environments and
provides tools for auditing
policies and access, too.
Laws is better than Rules.
In
other GDPR-related news, Odia Kagan of Fox Rothschild writes:
Tardiness
with transposing data protection laws comes with a hefty fine.
The
European Commission is asking the Court of Justice of the European
Union to impose financial sanctions on Greece and Spain for failing
to transpose the rules on the Data Protection Law Enforcement
Directive before the May 6, 2018, deadline, according to a news
release.
The
commission is seeking a minimum lump sum of €1,310,000 and a daily
penalty payment of €22,169.70 euros from Greece and a minimum lump
sum of €5,290,000 and a daily penalty payment of €89, 548.20 from
Spain.
Read
more on Privacy
Compliance & Data Security.
Unlikely to like the Like button?
Europe’s
top court sharpens guidance for sites using leaky social plug-ins
Europe’s
top court has made a ruling that could affect scores of websites that
embed the Facebook
‘Like’
button and receive visitors from the region.
The
ruling by the Court of Justice of the EU states such sites
are jointly responsible for the initial data processing —
and must either obtain informed consent from site visitors prior to
data being transferred to Facebook, or be able to demonstrate a
legitimate interest legal basis for processing this data.
… The
ruling is significant because, as currently seems to be the case,
Facebook’s Like buttons transfer personal data automatically, when
a webpage loads — without the user even needing to interact with
the plug-in — which means if websites are relying on visitors’
‘consenting’ to their data being shared with Facebook they will
likely need to change how the plug-in functions to ensure no data is
sent to Facebook prior to visitors being asked if they want their
browsing to be tracked by the adtech giant.
Not surprising. It’s often the new hires who
insist on using the tools they were taught in school.
Executives
are not comfortable with analytics platforms, and still prefer their
spreadsheets
A
recent study
of
1.048 executives out of Deloitte finds most companies are not mature
when it comes to business analytics; and 62% still rely on
spreadsheets for their insights. While 76% of survey respondents
report that their analytical maturity has increased over the past
year, most are still using traditional tools such as spreadsheets
(62%) and business intelligence programs (58%, combined).
… Forty-six
percent of executives see AI as an important initiative over the
coming years.
Of interest to investors and my students?
The New
Frontier That Could Outrun AI And Blockchain: Real Estate Tech
… it
won’t be surprising that real estate was the largest
industry in the United States as
of 2018. But at a time where technology is at the forefront across
all industries, the real estate industry spends less
than 1% on
information technology.
Why
does our largest industry arguably hold the title for the least
innovative?
… The
first game changers emerging in the Proptech space made buying and
selling of properties a lot easier and quicker.
Companies
like Zillow have changed the way we thought about buying or renting
our next home, whether for the next 30 years or just 12 months.
Airbnb introduced the concept of repurposing homes for shorter
duration rentals, while WeWork has completely disrupted the
commercial real estate industry with on-demand workspaces.
… Remember:
Proptech is technology that makes it easier to buy, sell and manage
property. The established poster children focus solely on the buying
and selling part of the equation. Right now, there is very little
technology that automates how we manage properties.
No comments:
Post a Comment