Overclock.net - An Overclocking Community

Overclock.net - An Overclocking Community (https://www.overclock.net/forum/)
-   Technology and Science News (https://www.overclock.net/forum/349-technology-science-news/)
-   -   [techdirt]Another Day, Another Company Leaving Sensitive User Data Exposed Publicly On The Amazon Cloud (https://www.overclock.net/forum/349-technology-science-news/1731074-techdirt-another-day-another-company-leaving-sensitive-user-data-exposed-publicly-amazon-cloud.html)

looniam 08-07-2019 11:26 PM

[techdirt]Another Day, Another Company Leaving Sensitive User Data Exposed Publicly On The Amazon Cloud
 
Quote:

What is it about companies leaving consumer data publicly exposed on an Amazon cloud server? Verizon made headlines after one of its customer service vendors left the personal data of around 6 million consumers just sitting on an Amazon server without adequate password protection. A GOP data analytics firm was also recently soundly ridiculed after it left the personal data of around 198 million citizens (read: most of you) similarly just sitting on an Amazon server without protection. Time Warner Cable also recently left 4 million user records sitting in an openly-accessible Amazon bucket.

You'd think that after all of this press attention fixated on a fairly basic (but massive) screw up, that companies would stop doing this. But you'd be wrong.

The latest company to fail at fundamental security practices is California's Bank of Cardiff, which managed to leave millions of phone recordings made by employees -- you guessed it -- in an unsecured Amazon cloud bucket open wide to the general internet. Many of the phone recordings exposed include bank employees talking with customers about sensitive financial transactions:
SOURCE

epic1337 08-07-2019 11:47 PM

*shrug*

theres no severe penal code to warrant their attention in improving data security.
maybe a license to operate data servers which would get revoked if they fail to uphold the required security to protect them?
e.g. they should adopt the same business structure as the banking business.

looniam 08-07-2019 11:55 PM

Quote:

Originally Posted by epic1337 (Post 28079566)
*shrug*

theres no severe penal code to warrant their attention in improving data security.
maybe a license to operate data servers which would get revoked if they fail to uphold the required security to protect them?
e.g. they should adopt the same business structure as the banking business.

fyi, negligence is the source of ALL "penal codes" (laws). read up about torts. but no one seems to care.

however, to use a cliche; the beatings will continue until attitudes change.

treetops422 08-08-2019 12:21 AM

I checked Credit Karma... I've been the victim of 12 breaches thus far...



"Many of the phone recordings exposed include bank employees talking with customers about sensitive financial transactions:"
smh and now it becomes clear why Mark Zuckerberg has had tape over his mics for 10+ years




huzzug 08-08-2019 02:19 AM

Quote:

Originally Posted by treetops422 (Post 28079586)
smh and now it becomes clear why Mark Zuckerberg has had tape over his mics for 10+ years

I think I saw the documentary about Zuck's office laptops having taped selfie cameras but now I can't find the documentary nor a foto of it online.

ryan92084 08-08-2019 02:56 AM

Quote:

Originally Posted by huzzug (Post 28079656)
I think I saw the documentary about Zuck's office laptops having taped selfie cameras but now I can't find the documentary nor a foto of it online.

https://hotforsecurity.bitdefender.c...ame-14164.html

skupples 08-08-2019 10:06 AM

i've been getting mobile text paypal fishing attempts recently, curious if they let something slip that we haven't heard about yet.

at this point it seems like they're fighting to find NEW people to hack, cuz they just keep getting the same derps info, over and over.

zuck doesn't just tape over his camera, he sends his children to incredibly specialized "analog" schools for the ultra rich where they learn the classic way, n have limited computer lab access, like a student in the early 00s.

Section31 08-08-2019 11:08 AM

The funny thing even with hacking, the old methods are still very popular and widely used. Phishing and the telemarketing stuff still common. Almost everyone I know, has gotten robocalled everyday by someone pretending to be from Chinese Embassy/Chinese Customs/China Tax Agents. The worse being they leave voice mail, which I have to delete. Even hacking has not stopped industries like loan sharks and good old fashion espionage.

I understand we are care about our private info but our name, address are already out there. Sometimes even old credit card numbers, passport and social security numbers. Really isn't much we can do except practice common sense, check our bank accounts etc often and protect ourselves through using VPN.

Sometimes even funny things happens with the tax collection departments, my family's business is still waiting to hear back from the tax department about odd case of how someone managed to bypass telephone authorization for the business account (you have to know a lot of info to pass security checks) and changed the account address/direct deposit so any tax refund goes directly to them. I suspect we aren't only one and its probably an inside job.


All times are GMT -7. The time now is 03:09 AM.

Powered by vBulletin® Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.

User Alert System provided by Advanced User Tagging (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.
vBulletin Security provided by vBSecurity (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.

vBulletin Optimisation provided by vB Optimise (Pro) - vBulletin Mods & Addons Copyright © 2019 DragonByte Technologies Ltd.