Blog

StockX “System Update” Revealed to be a Breach

First StockX forced a password reset, telling customers it was due to a system update; now it turns out that not only were over 6 million user records exposed, but that data is for sale by hackers. Online shoe reseller StockX abruptly forced all users to reset their passwords a couple of weeks ago, saying it...

Pitfalls of Modern Election Systems

Democracy requires participation where everyone should be able to stand up and be counted. New technology for voter registration and election management is about making it easier to participate while maintaining integrity, but anyone with a healthy sense of skepticism knows the more complicated we make systems, the more opportunity there is for mistakes to creep...

Cloudentity and NYDFS

We’ve all heard a lot about GDPR, but if you’re in the Financial Services industry, you’re probably aware of NYDFS compliance. NYDFS is actually the regulatory body (New York State Department of Financial Services) and in particular we’re concerned about the NYDFS Cybersecurity Regulation. The regulation is "designed to promote the protection of customer information...

2019 CafePress breach exposes 23 million users… What did we learn?

This post looks back at the CafePress data breach of 2019, the compromised user data, how CafePress handled the breach, the resulting fallout, and how consumers and companies can protect themselves from future hacks. About the CafePress data breach: CafePress is a popular custom T-shirt and merchandise online retailer that was hacked, exposing the email...

Poshmark Breach

In today's breach news, Poshmark disclosed that "data from some Poshmark users was acquired by an unauthorized third party." Poshmark is a social commerce marketplace where people in the United States can buy and sell new or used clothing, shoes, and accessories. It's unclear exactly According to the official disclosure release on Poshmark's website (see https://blog.poshmark.com/2019/08/01/important-security-notice-from-poshmark/)...

Pearson Exposes Student Data

Education software company Pearson exposed data on at least 100,000 students across more than 13,000 schools and universities. The breach itself occurred in November of 2018 and was discovered in March, but was only announced in August, underscoring the challenges companies have with identifying, remedying and communicating breaches. First and last names, email addresses, and dates of...

Capital One AWS Breach

The story of the hacker who got hold of 100 million Capital One credit applications and accounts keeps getting bigger. First there's the breach itself -- the woman who hacked her way into the AWS S3 buckets openly talked about her exploits on Twitter and Slack with enough details to make it pretty clear what...

Facebook will pay $5 BILLION for Cambridge Analytica Breach

The FTC announced that it will fine Facebook $5 Billion (yes, that's with a "B") and subject the company to new regulations based on the Cambridge Analytica breach, in which millions of users' data was harvested and targeted for political campaigning. To date, this is the most expensive fine levied against a company for breaching personal...

Facebook Kids App lets Kids talk to Strangers

Facebook's Messenger Kids App was designed so "Kids can only connect with parent-approved contacts," only it wasn't true. Due to a flaw in privacy settings, kids were able to end up in group chats with unapproved people. While this is obviously a massive #COPPA issue, it's also just a plain old trust issue... When it...