I try to post every Tuesday, but find that once again the incessant news of data breaches is out-running me, inducing me to make this impulse-post. Today I read of two such problems, one a new breach, the other a tale of ongoing problems with cryptocurrency exchanges.
What they both have in common is email. Continue reading “Is email the Achilles’s heel of privacy?”
Storage giant Seagate suffered exposure of the withholding-tax records of some 12,000 employees following a phishing attack.
At the time Seagate noted that there was no evidence that the information had been misused, also known as the absence-of-evidence defense.
Fast-forward a year or so, and the evidence has appeared.
As is usual in these cases, we have a combination of failures, such as: Continue reading “Unrestricted email plus full PII access: recipe for trouble”