Privacy, Data Protection & Information Management – Page 24

Hackers target cryptocurrency via Tesla’s public cloud: don’t mine our business – mind your own business!

Feb 25 2018

By Cameron Abbott and Samantha Tyrrell

Not even Tesla is immune to digital security breaches according to a recent report published by RedLock. The cloud security firm discovered that intruders were able to access and exploit Tesla’s public cloud system to mine cryptocurrencies, a scheme – which due to its surge in popularity – is now better known as cryptojacking. A recent string of similar incidents has demonstrated that hackers are shifting their focus away from siphoning data to siphoning cloud resources instead.

Mandatory Data Breach Reporting in 60 seconds

Feb 23 2018

By Cameron Abbott

The notifiable data breach scheme, as outlined in the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth), commenced yesterday, 22 February. Under this new scheme, in the event an organisation experiences a data breach that is likely to result in serious harm to any individual, that organisation will be required to notify the Australian Information Commissioner and any affected individual(s) of the breach. This 60 second video will help you prepare your organisation for these changes.

The Pyeongchang Winter Olympics – skating on thin ice when it comes to cybersecurity?

Feb 15 2018

By Cameron Abbott and Samantha Tyrrell

McAfee, a cybersecurity company, reported that organisations associated with the Pyeongchang Winter Olympic Games suffered security breaches as part of a hacking campaign in January. In a second chapter to this story, organisers have recently confirmed that Olympic servers were the subject of a cyberattack during the opening ceremony last Friday.

Cybersecurity is only one part of security – a filing cabinet could be your highest risk

Feb 09 2018

By Cameron Abbott and Harry Crawford

No matter how much you spend on cybersecurity technology, data breaches can occur in the most basic ways, for example by leaving an old filing cabinet lying around. This demonstrates the need for a holistic approach to information security.

Recently, highly confidential government papers were discovered inside two locked filing cabinets that were purchased at a second-hand furniture shop in Canberra. What likely happened was a public servant overseeing an office clean up unwittingly sold the filing cabinets containing state secrets to the furniture shop.

Facebook wants you to know that it’s accountable for your privacy

Feb 01 2018

By Cameron Abbott and Samantha Tyrrell

Facebook has always been confronted with privacy-related scrutiny, including being the respondent in the proceedings that ultimately brought down the EU-US privacy shield. On 28 January 2018, Facebook revealed its “privacy principles” to users for the first time. Via a series of educational videos and a ‘Privacy Check Up’ function, Facebook has shared the core principles it uses to guide its approach to privacy. Facebook will also roll out a new hub which will allow users to more easily control their privacy settings.

Fitness tracking app reveals US army secrets?

Jan 29 2018

By Cameron Abbott and Allison Wallace

Sometimes you don’t need a “hack” to have a cybersecurity issue. The locations of several US military bases in the Middle East seem to have been inadvertently revealed through US soldiers’ use of fitness tracking devices, and the fitness tracking app Strava. Read More

US Government reaches for data stored on foreign soil

Jan 22 2018

By Cameron Abbott and Harry Crawford

A significant case for digital privacy is currently before the US Supreme Court, with the US Justice Department fighting it out against Microsoft in a bid to gain access to emails held on Microsoft’s servers in Dublin. The US Justice Department is seeking to use a search warrant to access the emails in Ireland in a drug trafficking case. If a precedent is set which allows the US government to access data stored on foreign soil, that could have a significant impact on privacy rights on a global scale.

The co-existence of open data and privacy in a digital world

Dec 22 2017

By Cameron Abbott, Keely O’Dowd and Giles Whittaker

Earlier this week researchers from the University of Melbourne released a report on the successful re-identification of Australian patient medical data that formed part of a de-identified open dataset.

In September 2016, the researchers were able to re-identify the longitudinal medical billing records of 10% of Australians, which equates to about 2.9 million people. The report outlines the techniques the researches used to re-identify the data and the ease at which this can be done with the right know-how and skill set (ie someone with an undergraduate computing degree could re-identify the data).

At first glance, the report exposes the poor handling of the dataset by the Department of Health. Which brings into focus the need for adequate contractual obligations regarding use and handling of personal information, and the need to ensure adequate liability protections are addressed even where the party’s intentions are for all personal information to be de-identified. The commercial risk with de-identified data has shown to be the equivalent of a dormant volcano.

One-third of US businesses suffer data breaches: How will you protect yourself?

Dec 12 2017

By Cameron Abbott and Harry Crawford

A recent survey has shown that nearly one-third (29%) of US businesses experienced a data breach in the previous year.

The Hartford Steam Boiler Inspection and Insurance Company, part of global reinsurer Munich Re, conducted the survey which shows that 8 in 10 affected businesses spent at least $5,000 to respond. 27 percent of the businesses spent between US$5,000 and US$50,000 to respond to the data breach and 30 percent spent between US$50,000 and US$100,000, and a considerable portion spent even more than that. The costs were not only directly financial, with two-thirds of the affected businesses reporting their reputation was negatively impacted.

Cybersecurity in the age of the Internet of Things

Dec 06 2017

By Cameron Abbott, Keely O’Dowd and Harry Crawford

The Internet of Things (IoT) allows unprecedented interconnectivity for consumers, and unfortunately for those consumers, hackers as well.

The European Union Agency for Network and Information Security (ENISA) recently released a report to provide insight into the security requirements of IoT and good practices recommendations on preventing and mitigating cyber-attacks against IoT systems. The report even includes examples of IoT cyber security attack scenarios.

Catagory:Privacy, Data Protection & Information Management