Six months after the European Union's General Data Protection Regulation, or GDPR, took effect and threatening global companies with massive fines if they didn't look after customer data properly, new research suggests it's making a difference in Europe — but not so much for U.S. web users.
Personal information of American charity donors, political party supporters, and online shoppers has continued to quietly leak onto the internet as a result of poor website security practices. As many as one in five e-commerce sites in the U.S. are still leaving their customers exposed, New York-based search marketing company Seer Interactive reports.
Using simple Google searches, similar to methods examined by Seer, media giant Bloomberg was able to access sensitive user information from a wide range of randomly chosen U.S. websites.
In one instance, the website of St. Jude Children's Research Hospital had made public the receipt for a donation of hundreds of dollars, including the donor's full name and address, their method and date of payment, and their email. Bloomberg was able to find similar data in PDF format relating to purchases of sporting goods at the Pine Hills Golf Club in Hinckley, which included full names, home addresses and email details, as well as reference numbers for the person's purchase.
This vulnerability can be caused by a number of basic errors, one of which is that if a website lets a user share a transaction on social media — such as to promote a charitable donation — a search engine can see their post, and from there index the original web page, whether the user knows this or not. With no security protection in place, these pages are available to anyone.
Secure Working From Home During Coronavirus
In the wake of the coronavirus, many organisations internationally are allowing people to work from home to lessen the risk of contagion, but is this wise from a cybersecurity point of view? While companies generally have a cybersecurity policy in place that governs the use of anti-virus and firewall protection, individuals without any tech knowledge could fall foul of cybercriminals.read more
Crypto Miners, Targeted Ransomware Dominate the Threat Landscape
Twenty-eight per cent of all organisations worldwide were impacted by malicious multi-purpose botnets and targeted ransomware attacks rose by 20% according to Check Point Research, the Threat Intelligence and Research arm of Check Point Software.read more
Kaspersky's Top 7 Mobile Security Threats in 2020
Mobile device security threats are on the rise. In 2014, Kaspersky detected almost 3.5 million pieces of malware on more than 1 million user devices.read more
SEC Releases Guide To Combat Cybersecurity Threats
The Securities and Exchange Commission has released a guide to best practices to combat cybersecurity infractions, data loss and privacy breaches.read more