Menu
  • Consumer News
  • Buyers Guides
  • Write a review
  • Search
  • Log in

Cybersecurity News

Homeland Security rolls back its expansion of facial recognition

Travelers have the little-known right to opt out of the biometric process and use their passport instead

12/12/2019 | ConsumerAffairs

By Gary Guthrie

Gary Guthrie covers technology and travel for the ConsumerAffairs news ...  Read Full Bio→

Email Gary Guthrie 

Facial recognition has become a rather touchy subject. Earlier this year, a $35 billion class action lawsuit was filed against Facebook over claims that it harvested consumer biometric data without consent. In San Francisco, the subject is so ripe that the city is considering banning all facial recognition technology within city limits. 

The U.S. government thinks it’s a touchy subject, too. First, the Federal Trade Commission (FTC) explored facial recognition and recomm...

More

Security firm finds cache of birth certificate applications exposed online

The data reportedly had no password protection and an ‘easy-to-guess’ web address

12/10/2019 | ConsumerAffairs

By Sarah D. Young

Sarah D. Young has been a columnist for a blog ...  Read Full Bio→

Email Sarah Young 

An online company that enables U.S. residents to obtain a copy of their birth certificate has exposed nearly 800,000 applications, according to Fidus Information Security. 

“More than 752,000 applications for copies of birth certificates were found on an Amazon Web Services (AWS) storage bucket,” according to TechCrunch, which verified the discovery of the UK-based security firm. “The bucket wasn’t protected with a password, allowing anyone who knew the easy-to-guess web...

More

Sort By

Links Views Date Comments Likes

Hackers like Playstation 4 and Xbox One too

Security firm warns new consoles are under cyber attack

12/16/2013 | ConsumerAffairs

By Mark Huffman

Mark Huffman has been a consumer news reporter for ConsumerAffairs ...  Read Full Bio→

Email Mark Huffman  Phone: 866-773-0221
  • Twitter

When Microsoft and Sony released new, updated versions of their popular game consoles within days of each other last month, gamers around the world were in seventh heaven. So, it seems, were hackers.

Cyber security firm Kaspersky Lab has been measuring the hacking attempts against the new Playstation 4 and Xbox One units – as well as other game platforms – and has seen a surge, coinciding with the late November releases.

Globally, the company estimates an aver...

More

Google shutters Google+ in wake of bug affecting over 50 million users

Personal user data is impacted, but the company promises to help users secure and migrate their data

12/11/2018 | ConsumerAffairs

By Gary Guthrie

Gary Guthrie covers technology and travel for the ConsumerAffairs news ...  Read Full Bio→

Email Gary Guthrie 

Google’s plans to close down its consumer version of its social network Google+ has been escalated thanks to a bug that impacted approximately 52.5 million users in connection with a Google+ API. In layman’s terms, an API is a set of communication methods used to coordinate development and programming of a computer program.

“With the discovery of this new bug, we have decided to expedite the shut-down of all Google+ APIs; this will occur within the next 90 days,” wrote D...

More

Marriott’s Starwood Hotels suffers massive data breach

As many as 500 million customer records exposed

11/30/2018 | ConsumerAffairs

By Mark Huffman

Mark Huffman has been a consumer news reporter for ConsumerAffairs ...  Read Full Bio→

Email Mark Huffman  Phone: 866-773-0221
  • Twitter

Hackers broke into Marriott International's database, and the hotel chain says they may have gained access to 500 million customers' data. That would make it the largest data breach on record, surpassing the 2017 Equifax breach that exposed credit records of more than 145 million consumers. According to Marriott, the breach occurred at its Starwood Hotel brand. An investigation has revealed that unknown parties gained access to the database sometime in 2014, copying ...

More

U.S. Customs and Border Protection discloses data breach

Photos of travelers and license plates were stolen

06/12/2019 | ConsumerAffairs

By Sarah D. Young

Sarah D. Young has been a columnist for a blog ...  Read Full Bio→

Email Sarah Young 

U.S. Customs and Border Protection (CPB) says license plate images and photos of travelers headed into and out of the country were stolen in a "malicious cyberattack" of an unnamed subcontractor at the end of May, the Washington Post reported.

In a statement, the agency said a subcontractor "had transferred copies of license plate images and traveler images collected by CBP to the subcontractor's company network. The subcontractor's network was subsequently compromised b...

More

What to look for in mobile cloud-based storage

Robust encryption and remote wipe can help protect your data

08/14/2013 | ConsumerAffairs

By Mark Huffman

Mark Huffman has been a consumer news reporter for ConsumerAffairs ...  Read Full Bio→

Email Mark Huffman  Phone: 866-773-0221
  • Twitter

PhotoHackers and identity thieves are increasingly focused on mobile computing. With so many smartphones and tablets now in use, mobile is increasingly becoming how consumers use the web.

Criminals also like the fact that many mobile devices have little or no security protection – not on the device itself and not on the data that is stored in the cloud.

Mobile data can be stored both places and security experts say both need strong protection. Chris Rancourt, an editor at NextAdvisor.com, says consumers who use an online backup service to store and share their data in the cloud need to be especially careful.

“When you put your information on the cloud, you get this extra level of security with their encryption,” Rancourt said. “Most services now use encryption but some are stronger than others.”

Increasingly popular

PhotoCloud storage and backup services have become increasingly popular. They store data off-site, protecting it from a catastrophic computer crash or other physical damage. They also make it accessible from other computers in other locations.

“Pretty much any information you can upload to the cloud – pictures, documents, videos. And all that information can be encrypted and stored safely inside your cloud or online back-up service,” Rancourt said. “The backup services that we use provide coverage for Apple, Android – pretty much the whole spectrum.”

Rancourt suggests picking a backup service with very robust encryption. One service that falls into that category, he says, is SpiderOak. There is one security feature, in particular, that he likes.

'Zero-knowledge' security

“They have this policy where no one in their company will know your password,” he said. “If you lose your password they can't go in and retrieve it for you. It's really up to you, which makes the security a lot stronger, but at the same time you have to be responsible for your own stuff.”

Absent-minded consumers can run the risk of losing everything if they forget or lose their password. Writing it down in several secure places, however, might be all the insurance policy you need.

Sugarsync is another secure backup service. With Sugarsync, you can safely store important files and then sync them across an unlimited number of computers. If the data is updated on one computer, it's also updated on the rest.

Mozy is a low-cost cloud storage service. The company's backup plans start with one computer per subscription, but it can sync up with other computers that aren't part of the plan.

First line of defense

PhotoThe best feature of these companies' backup services may be the sophisticated encryption. Rancourt says it provides a great first line of defense.

“For companies like SpyderOak you actually have to have an encryption key in order to decode the information and read it as something legible,” he said. “Most services have something like that as well.”

But hackers are resourceful individuals. Suppose they get access to your cloud and your encrypted information by stealing or finding your lost device. It might look like gibberish at first, but given a few hours, it's just possible some hackers might be able to crack the encryption. That's why you need a second level of defense – remote wipe.

If your device is lost or stolen, remote wipe will still give you access to all your files and documents from another computer but allow you to block access on the missing device. You can even delete files.

“Let's say you keep all your bank information on your cloud,” Rancourt said. “Someone can actually hack in there and steal your identity.”

It should go without saying that you should have robust security features on your hardware as well. Getting a strong mobile security package for your smartphone or tablet will reduce the risks from lost or stolen devices.  

Hackers and identity thieves are increasingly focused on mobile computing. With so many smartphones and tablets now in use, mobile is increasingly becoming how consumers use the web.

Criminals also like the fact that many mobile devices have little or no security protection – not on the device itself and not on the data that is stored in the cloud.

Mobile data can be stored both places and security experts say both need strong protection. Chris Rancourt, an editor a...

More

Hackers increasingly target the church collection plate

Security firms step up plan to provide donated security software

01/26/2015 | ConsumerAffairs

By Mark Huffman

Mark Huffman has been a consumer news reporter for ConsumerAffairs ...  Read Full Bio→

Email Mark Huffman  Phone: 866-773-0221
  • Twitter

These days, when you get ready to swipe your card at a big box store, a thought may flash through your mind – “sure hope my data is safe.”

After all, Target, Home Depot, Neiman Marcus and Michaels, among others, have seen their systems breached by hackers in the recent past.

But do you have the same worries about transactions with your church, or other nonprofits? A cybersecurity firm says you should.

TechSoup, an oganization that makes software and techn...

More

Choice Hotels suffers data breach affecting 700,000 guests

Hackers discovered an unsecured database containing guest records

08/15/2019 | ConsumerAffairs

By Sarah D. Young

Sarah D. Young has been a columnist for a blog ...  Read Full Bio→

Email Sarah Young 

About 700,000 guests of Choice Hotels -- which is the parent company of chains such as Clarion, EconoLodge, Comfort Inn, and Quality Inn -- may have had their information exposed. 

The leak stemmed from an unsecured database, which was unfortunately discovered by hackers first. The unsecured database was most recently discovered by Comparitech and security researcher Bob Diachenko. 

The database that was left online and unsecured for four days contained 5.7 million Choice...

More

Experts recommend Facebook users make changes in light of the social media giant’s latest privacy gaffe

One change is a snap; the other enhances security but requires caution

03/25/2019 | ConsumerAffairs

By Gary Guthrie

Gary Guthrie covers technology and travel for the ConsumerAffairs news ...  Read Full Bio→

Email Gary Guthrie 

Even though what happened in Facebook’s recent password bungle was likely more an “oversight” than a hacking invasion, experts recommend that consumers double down to protect their accounts and their personal data when using the platform.

Tech security gurus at the International Institute of Cyber Security told ConsumerAffairs there are two recommended steps to enhance online protection.

The first recommendation is straightforward enough -- change your Facebook password. ...

More

StubHub "hacked" -- over 1,000 customers affected

This is why you shouldn't use the same password for multiple accounts

07/23/2014 | ConsumerAffairs

By Jennifer Abel

PhotoNews that over 1,000 accounts at online ticket-seller StubHub have been hacked should serve to remind you of this important online safety rule: don't use the same password across multiple accounts.

The Associated Press first reported on Tuesday that “cyber thieves” managed to fraudulently access more than 1,000 StubHub accounts, and buy themselves tickets in the legitimate accountholders' names.

As hacks go, a mere thousand compromised accounts in a company as large as StubHub sounds like pretty small potatoes. Why was the damage so limited?

According to StubHub spokesman Glenn Lehrman, the thieves never broke into the StubHub customer database. Instead, they got customers' login and password information from other sources, either hacking into different retail databases or even putting keylogging software or other forms of malware on user's computer.

The thieves presumably know how commonplace is it for people to use the same passwords (and sometimes even login names) across multiple accounts, so if thieves have, for example, the password you use for your email, bank account, favorite web-discussion forum or any other password-protected thing you do, they'll also try plugging that password into your other accounts on the off-chance it will work. Where over 1,000 StubHub customers are concerned, it did.

News that over 1,000 accounts at online ticket-seller StubHub have been hacked should serve to remind you of this important online safety rule: don't use the same password across multiple accounts.

The Associated Press first reported on Tuesday that “cyber thieves” managed to fraudulently access more than 1,000 StubHub accounts, and buy themselves tickets in the legitimate accountholders' names.

As hacks go, a mere thousand compromised accounts in a company as...

More

Facebook suspends ‘tens of thousands’ of apps

The crackdown comes amid growing regulatory pressure on the tech giant

09/23/2019 | ConsumerAffairs

By Mark Huffman

Mark Huffman has been a consumer news reporter for ConsumerAffairs ...  Read Full Bio→

Email Mark Huffman  Phone: 866-773-0221
  • Twitter

Amid growing pressure from Congress, the White House, and regulators, Facebook has suspended tens of thousands of apps from its site, citing various concerns.

The action came on the heels of Facebook CEO Mark Zuckerburg’s White House meeting last week with President Trump. The social media giant said it acted out of an abundance of caution. About 400 developers are affected.

“We initially identified apps for investigation based on how many users they had and how much data...

More

Quora data breach may have affected 100 million users

The question-and-answer site is the latest to be affected by a security breach

12/04/2018 | ConsumerAffairs

By Sarah D. Young

Sarah D. Young has been a columnist for a blog ...  Read Full Bio→

Email Sarah Young 

Question-and-answer website Quora says it was impacted by a security breach which may have exposed the personal data of as many as 100 million of its users.  

Adam D'Angelo, the site’s CEO and co-founder, said Quora discovered late last week that one of its systems had been hacked by “a malicious third party.”

“On Friday we discovered that some user data was compromised by a third party who gained unauthorized access to one of our systems,” D’Angelo said in a blog post. ...

More

Hackers hijack Starwood Preferred Guest loyalty programs

Another example why you should always use a different password for every important account

01/22/2015 | ConsumerAffairs

By Jennifer Abel

Pretty much any collection of online security tips will remind you not to use the same password across multiple accounts, and this week's news that scammers have managed to hijack and steal points from large numbers of Starwood Preferred Guest loyalty accounts offers another example of why.

Security blogger Brian Krebs reported today that he'd personally heard complaints from two of his readers whose SPG accounts had been hijacked. As Krebs diplomatically explained: &ldq...

More

Microsoft contractors reportedly snoop on Skype calls

The company says its user agreement allows it do so

08/08/2019 | ConsumerAffairs

By Gary Guthrie

Gary Guthrie covers technology and travel for the ConsumerAffairs news ...  Read Full Bio→

Email Gary Guthrie 

“Shh” seems to be the operative word these days at Big Tech. Earlier this year, ConsumerAffairs reported on Amazon employees eavesdropping on consumer’s interplay with their Echo Dot (“Alexa”) devices and Apple being caught red-eared when it was discovered that its employees had the ability to listen in on Siri voice recordings. 

Now, Vice reports that Microsoft had its contractors listening to bits and pieces of conversations taken from its Skype platform.

“The Skype aud...

More

LinkedIn Hacked; What You Should Do

eharmony says 'small fraction' of its passwords also stolen

06/07/2012 | ConsumerAffairs

By Mark Huffman

Mark Huffman has been a consumer news reporter for ConsumerAffairs ...  Read Full Bio→

Email Mark Huffman  Phone: 866-773-0221
  • Twitter

PhotoIf you get an email from LinkedIn saying you need to reset your password, it's real. The social networking site has reported a data breach in which an undisclosed number of passwords were compromised.

"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," Vincente Silveira, a LinkedIn director, wrote on the company's blog. "These members will also receive an email from LinkedIn with instructions on how to reset their passwords."

Silveira stresses there will not be any links contained in the email that informs you that you must reset your password. However, once you follow the initial step request password assistance, then you will receive an email from LinkedIn with a password reset link.

Regardless of whether you receive an email, it would be prudent to immediately change the password on your LinkedIn account.

"It is worth noting that the affected members who update their passwords and members whose passwords have not been compromised benefit from the enhanced security we just recently put in place, which includes hashing and salting of our current password databases," Silveira wrote.

A ConsumerAffairs sentiment analysis of about 2.5 million comments posted to social media finds that the news knocking LinkedIn from an overall approval rating of close to 80% to a 24% negative rating.

 

 While the hack attack wasn't the only negative to emerge in the analysis, it was by far the largest, as shown in this chart:

 

 

How it happened

Silveira did not say how the data breach occurred, only that an investigation was underway. Chester Wisniewski, Senior Security Advisor at Sophos Canada, wrote in his blog that it is imperative that LinkedIn also determine whether email addresses, often a user name, were also compromised. LinkedIn has more than 161 million members who use the site to expand their business and professional contacts.

About 6.5 million passwords have been posted online and the company says some of them do appear to be LinkedIn passwords.  Others appear to be passwords for eHarmoney accounts, security experts say. 

EHarmoney said a "small fraction" of its member passwords had been compromised and that it is investigating. Meanwhile, it said affected passwords have been reset.

If you get an email from LinkedIn saying you need to reset your password, it's real. The social networking site has reported a data breach in which an undisclosed number of passwords were compromised.

"Members that have accounts associated with the compromised passwords will notice that their LinkedIn account password is no longer valid," Vincente Silveira, a LinkedIn director, wrote on the company's blog. "These members will also receive an email from LinkedIn with instructions on how ...

More

Facebook privacy issue exposes deeper concerns about the internet

Mark Zuckerberg does damage control on conference call

04/05/2018 | ConsumerAffairs

By Mark Huffman

Mark Huffman has been a consumer news reporter for ConsumerAffairs ...  Read Full Bio→

Email Mark Huffman  Phone: 866-773-0221
  • Twitter

Facebook CEO Mark Zuckerberg, who will testify before a House committee next week, took questions from reporters on a conference call Wednesday and discussed his company's efforts to better protect users’ data.

Zuckerberg took responsibility for the data leak and pledged to make the system better. However, he cautioned his listeners not to expect instant results.

"These are big issues," he said. "This is a big shift for us to take a lot more responsibility. It's going to ...

More
More Cybersecurity News Articles

Page Content

  • Hackers like Playstation 4 and Xbox One too
  • Google shutters Google+ in wake of bug affecting over 50 million users
  • Marriott’s Starwood Hotels suffers massive data breach
  • U.S. Customs and Border Protection discloses data breach
  • What to look for in mobile cloud-based storage
  • Hackers increasingly target the church collection plate
  • Choice Hotels suffers data breach affecting 700,000 guests
  • Experts recommend Facebook users make changes in light of the social media giant’s latest privacy gaffe
  • StubHub "hacked" -- over 1,000 customers affected
  • Facebook suspends ‘tens of thousands’ of apps
  • Quora data breach may have affected 100 million users
  • Hackers hijack Starwood Preferred Guest loyalty programs
  • Microsoft contractors reportedly snoop on Skype calls
  • LinkedIn Hacked; What You Should Do
  • Facebook privacy issue exposes deeper concerns about the internet

At ConsumerAffairs we love to hear from both consumers and brands; please never hesitate to Contact Us.

At ConsumerAffairs we take privacy seriously, please refer to our Privacy Policy to learn more about how we keep you protected.

You’re responsible for yourself and please remember that your use of this site constitutes acceptance of our Terms of Use.

Advertisements on this site are placed and controlled by outside advertising networks. ConsumerAffairs.com does not evaluate or endorse the products and services advertised. See the FAQ for more information.

The information on our website is general in nature and is not intended as a substitute for competent legal advice. ConsumerAffairs.com makes no representation as to the accuracy of the information herein provided and assumes no liability for any damages or loss arising from the use thereof.

Copyright © 2019 Consumers Unified LLC. All Rights Reserved. The contents of this site may not be republished, reprinted, rewritten or recirculated without written permission.

Connect with us
Sign up for our newsletters
  • Write a review
  • Home
  • Consumer News
  • Buyers Guides
  • Log in
Connect with us