Yahoo Data Breach – Some Facts & Questions (i.e., was it really the Russians?)

The Basic Facts Yahoo announced that it had a data breach in late 2014 and 500 million users' account information was stolen. The account information may include names, email addresses, telephone numbers, date of birth, passwords (most encrypted with bcrypt, but apparently not all), security questions, and security question answers. People who have Yahoo-based services … Continue reading Yahoo Data Breach – Some Facts & Questions (i.e., was it really the Russians?)

You Could See This One Coming: Vibrator Company Sued for Tracking Usage

SETTLEMENT UPDATE: A Canadian sex-toy manufacturer, We-Vibe, has been ordered to pay out almost $3 million to customers who bought a “smart vibrator” that tracked owners’ usage without their knowledge. Each customer who used the associated app will be paid $7,433, and customers who bought the vibrator but never used the app can claim up to … Continue reading You Could See This One Coming: Vibrator Company Sued for Tracking Usage

Brazzers porn hack: more than just account holders exposed–what does this mean for your company?

We have been observing an evolution in hackers' tactics from going after data that could be directly monetized, such as payment card data, to going after data that can be monetized indirectly through extortion, such as the Ashley Madison data. The hack of Brazzers porn site is similar to the Ashley Madison hack in that the … Continue reading Brazzers porn hack: more than just account holders exposed–what does this mean for your company?

#SonyHack: Will Executives’ Embarrassing Emails Better Motivate Cybersecurity Change?

Sitting in the Miami airport at 5:00 am I am reading news updates on the #SonyHack and a thought just occurred to me: Previously, many of us preaching the "you better take your company's security seriously" message to the C-Suites have been wondering if it would take a court decision finding C-Levels or Board members … Continue reading #SonyHack: Will Executives’ Embarrassing Emails Better Motivate Cybersecurity Change?