Daily Archives: June 3, 2019

Australian National University hit by huge data breach

Vice-chancellor says hack involved personal and payroll details going back 19 years

The Australian National University is in damage control after discovering a major data breach a fortnight ago in which a “significant” amount of staff and student information was accessed by a “sophisticated operator”.

The university has confirmed an estimated 200,000 people have been affected by the hack, based on student numbers each year and staff turnover.

Related: Australian security services investigate attempted cyber attack on parliament

Continue reading...

Oversharing: Are You Ignoring Your Child’s Privacy When You Post Online?

Take it down, please. 

The above is a typical text message parents send to kids when they discover their child has posted something questionable online. More and more, however, it’s kids who are sending this text to parents who habitually post about them online.

Tipping Point

Sadly — and often unknowingly — parents have become some of the biggest violators of their children’s privacy. And, there’s a collective protest among kids that’s expressing itself in different ways. Headlines reflect kids reigning in their parent‘s posting habits and parents choosing to pull all photos of their kids offline. There’s also a younger generation of voices realizing the effect social media has had on youth, which could be signaling a tipping point in social sharing.

Ninety-two percent of American children have an online presence before the age of 2, and parents post nearly 1,000 images of their children online before their fifth birthday, according to Time. Likewise, in a 2017 UNICEF report, the children’s advocacy group called the practice of “sharenting” – parents sharing information online about their children – harmful to a child’s reputation and safety.

Digital Footprint

This sharenting culture has fast-tracked our children’s digital footprints, which often begins in the womb. Kids now have a digital birth date — the date of the first upload, usually a sonogram photo — in addition to their actual birth date. Sharing the details of life has become a daily routine with many parents not thinking twice before sharing birthdays, awards, trips, and even more private moments such as bath time or potty training mishaps.

Too often, what a parent views as a harmless post, a child might see as humiliating, especially during the more sensitive teen years. Oversharing can impact a child’s emotional health as well as the parent-child relationship, according to a University of Michigan study.

Diminishing Privacy 

So how far is too far when it comes to the boundaries between public and private life? And, what are the emotional, safety, and privacy ramifications to a child when parents overshare? The sharenting culture has forced us all to consider these questions more closely.

Children’s diminishing privacy is on advocacy agendas worldwide. Recently, the UK Children’s Commissioner released a report called “Who Knows About Me?” that put a spotlight on how we collect and share children’s data and how this puts them at risk.

5 safe sharing tips for families

  1. Stop and think. Be intentional about protecting your child’s privacy. Before you upload a photo or write a post, ask yourself, “Do I really need to share this?” or “Could this content compromise my child’s privacy (or feelings) today or in the future?”
  2. Ask permission. Before publicly posting anything about your child, ask for his or her permission. This practice models respect and digital responsibility. If posting a group photo that includes other children, ask both the child’s consent and his or her parent’s.
  3. Keep family business private. Resist sharing too much about your family dynamic — good or bad — online. Sharing your parenting struggles or posting details about what’s going on with you and your child could cause embarrassment and shame and irreparably harm your relationship.
  4. Consider a photo purge. With your child’s wellbeing, safety, and privacy in mind — present and future — consider going through your social networks and deleting any photos or posts that don’t need to be public.
  5. Talk to kids about the freedom of expression. Every person who logs on to the internet can expect fundamental freedoms, even kids. These include the right to privacy, how our data is shared, and the freedom of expression online. Discuss these points with your children in addition to our collective digital responsibilities such as respect for others, wise posting, downloading legally, citing works properly, and reporting risky behavior or content.

When it comes to parenting, many of us are building our wings on the way down, especially when it comes to understanding all the safety implications around data privacy for children. However, slowing down to consider your child’s wellbeing and privacy with every post is a huge step toward creating a better, safer internet for everyone.

The post Oversharing: Are You Ignoring Your Child’s Privacy When You Post Online? appeared first on McAfee Blogs.

Quest Diagnostics Breached Through Third-Party Billing Collections Vendor

veracode-quest-diagnostics-breach-june-2019

Quest Diagnostics has reported that nearly 12 million patients’ may have been impacted by a breach into American Medical Collection Agency (AMCA), the medical testing company’s third-party billing provider. According to a data breach filing with the Security and Exchange Commission, as many as 11.9 million patients may have had their credit card, banking, medical information, and other personal details stolen.

Quest has confirmed that because AMCA does not handle lab results, this information was not affected by the breach. It has also stopped sending collections request through AMCA while the breach is under investigation, and has hired outside security experts to get a better sense of the damage.  

On May 14, AMCA alerted Quest of the potential breach through its web payments page. The data breach filing indicates that between August 1, 2018 and March 30, 2019, an unauthorized party got access to AMCA’s system that allowed them to inject malicious code into the payments pages. They were then able to skim and collect the information users inputted.

According to TechCrunch, this is the second breach affecting Quest customers in three years. In 2016, the company announced the breach of its MyQuest patient portal, which allowed access to the test results and personal information of 34,000 patients.

Your company takes the security of its software seriously. If you want to prove to your customers that you make it a priority, you have to check out Veracode Verified.

The Guardian view on cybercrime: the law must be enforced | Editorial

Governments and police must take crime on the internet seriously. It is where we all live now

About half of all property crime in the developed world now takes place online. When so much of our lives, and almost all of our money, have been digitised, this is not surprising – but it has some surprising consequences. For one thing, the decline in reported property crimes trumpeted by successive British governments between 2005 and 2015 turns out to have been an illusion. Because banks were not required to report fraud to the police after 2005, they often didn’t. It would have made both banks and police look bad to have all that crime known and nothing done about it. The cost of the resulting ignorance was paid by the rest of government, and by the public, too, deprived of accurate and reliable knowledge. Since then, the total number of property crimes reported has risen from about 6m to 11m a year as the figures have taken computerised crime into account.

The indirect costs to society are very much higher than the hundreds of millions that individuals lose. One example is the proliferation of plagiarism software online, which developed an entire industry in poor, English-speaking countries like Kenya, serving idle or ignorant students in England and North America. The effort required by schools and universities to guard against such fraud has been considerable, and its cost entirely disproportionate to the gains made by the perpetrators.

Continue reading...