As news of a Reddit breach surfaces, the NYT looks at potential consumer complacency around data breaches.
The Evergreen Story: Why Do Data Breaches Keep Happening?
Another year, another passel of big-name data breaches in the news. An article this week in The New York Times asks, “Why Don’t You Do Something”? Part of the premise is that the constant drumbeat of breach news makes consumers complacent, but new research from Frost & Sullivan shows that 48 percent of consumers have dropped a service after learning of a breach.
Reddit’s SMS-Based 2FA Falls Victim to Attack
Reddit announced it had suffered a data breach that resulted in internal source code and some usernames and obfuscated passwords of its users being stolen. As Brian Krebs reports, the attackers were able to exploit the SMS-based two-factor authentication system employed by Reddit to protect sensitive employee accounts. The lesson: While SMS two-factor is better than a password alone, there are other options such as tokens and biometrics that provide greater security.
Networked Printers: The Original IoT Device
Long before Internet-connected light switches, thermostats and other devices provided a bevy of new attack vectors for hackers, connected printers were the backdoor to illicit network access. They still are today, so HP is launching a $10,000 bug bounty program in an effort to find vulnerabilities in its printers.
Blockchain Continuing Down a Path of Potential Disruption
If only I had a $1 for every time an article was written about blockchain. The latest take appears in CIO and looks at how blockchain could change information security, particularly the way companies exchange and manage data.
Chase Chases Away Skimmers with Cardless ATMs
As a fan(atic) of ApplePay and a dreamer of a wallet-free life, the announcement that Chase now allows its debit card customers to withdraw money from its 16,000 ATMs without a physical card is welcome news. Skimmers that prey on antiquated magnetic stripe systems will not be so happy though. Now if we can only make all gas pumps ApplePay-enabled.