Major American Companies Are Making Basic Data Security Mistakes

Six months after the European Union's General Data Protection Regulation, or GDPR, took effect and threatening global companies with massive fines if they didn't look after customer data properly, new research suggests it's making a difference in Europe — but not so much for U.S. web users.


Personal information of American charity donors, political party supporters, and online shoppers has continued to quietly leak onto the internet as a result of poor website security practices. As many as one in five e-commerce sites in the U.S. are still leaving their customers exposed, New York-based search marketing company Seer Interactive reports.


Using simple Google searches, similar to methods examined by Seer, media giant Bloomberg was able to access sensitive user information from a wide range of randomly chosen U.S. websites.


In one instance, the website of St. Jude Children's Research Hospital had made public the receipt for a donation of hundreds of dollars, including the donor's full name and address, their method and date of payment, and their email. Bloomberg was able to find similar data in PDF format relating to purchases of sporting goods at the Pine Hills Golf Club in Hinckley, which included full names, home addresses and email details, as well as reference numbers for the person's purchase.


This vulnerability can be caused by a number of basic errors, one of which is that if a website lets a user share a transaction on social media — such as to promote a charitable donation — a search engine can see their post, and from there index the original web page, whether the user knows this or not. With no security protection in place, these pages are available to anyone.

more news

Half Of Global Organisations Not Prepared For Cyberattacks


It is believed that more than 4,000 cyberattacks occur daily worldwide, but half of organisations across the globe admit they are not prepared for such events.

read more

Secure Your Physical Business Against Data Theft


Data theft does not just happen in cyberspace, but in the physical business environment, too. Lax physical security can allow criminals to access your computers, filing cabinets, documents left on desktops, etc. Here are some tips for you to ensure your everyday working environment is safe and secure.

read more

UK Launches Third NCSC Annual Review


Paymaster General and Minister for the Cabinet Office Oliver Dowden MP has launched the UK's National Cyber Security Centre's third Annual Review. In his presentation speech, he said: "Thank you, everyone, for joining us this morning. Cybersecurity is genuinely a massive priority for the government and it gives me great pleasure to launch the National Cyber Security Centre’s third Annual Review.

read more

Kaspersky Releases Information Security Report


To budget for information security, companies need to consider factors such as average potential losses, preferably by incident type, as well as other businesses’ average, outlays on security. Precise data on such questions do not get published, which is why Kaspersky conducts an annual survey of employees who make business decisions related to IT security for a variety of companies. The results of its 2019 survey have just been published.

read more