Commentaries and Analyses

Physical and cyber threats collide in data theft incidents at N.J. businesses

Joel Griffin reports: For years, cybersecurity experts have warned about the lengths that criminals will go to in gaining access to the network of their intended victim, including exploiting flaws in an organization’s physical security program to achieve their goals. Some security practitioners brushed aside these concerns convinced that these so-called “hackers,” often portrayed...

Indian onlinebloodbank FINALLY secures exposed donors database

It’s been a frustrating matter, but it may finally be resolved, thanks to the individual known as @fs0ciety on Twitter. In May 2019, DataBreaches.net was alerted to an online bloodbank in India that had a misconfigured Amazon s3 bucket. Despite repeated emails by this site and even a phone call from Banbreach infosec in...

TW: Online box office EZding liable for data theft and consequential damages

Arthur Shay of Shay and Partners writes: In September 2019 a landmark appeal court decision found an online information service provider liable for consequential damages of data theft. In April 2017 subscribers and users of one of Taiwan’s most popular box office websites, EZding, reported numerous data theft incidents. EZding rejected the complaints about...