Cybersecurity News


Police ‘all over’ dark web ransom threat to release 10,000 customer records a day, Optus CEO says

Police ‘all over’ dark web ransom threat to release 10,000 customer records a day, Optus CEO says

Purported hackers post ultimatum demanding $1m within four days after massive Optus data breach

The chief executive of Optus, Kelly Bayer Rosmarin, says federal police are “all over” a post on the dark web purporting to release 10,000 customer records from the recent data breach and demanding a $1m ransom for the rest.

Rosmarin also told ABC radio the company’s massive security breach was “not as being portrayed”, after the minister for home affairs accused the company of leaving the “window open” for the data to be stolen.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...
26 September 2022

Optus customers exasperated by chatbots and ‘rubbish’ communication after data breach

Optus customers exasperated by chatbots and ‘rubbish’ communication after data breach

Some customers look to switch providers after puzzling responses and ‘less than helpful’ service

Optus customers say they are growing increasingly angry and frustrated at the poor communication from their mobile provider over the massive customer data breach that left millions vulnerable to identity fraud.

In the four days since Optus first reported that up to 10 million customers had personal information taken in a data breach, customers have been left scratching their heads over how Optus has communicated with them.

Continue reading...
26 September 2022

Government flags new cybersecurity laws and increase in fines after Optus breach

Government flags new cybersecurity laws and increase in fines after Optus breach

Clare O’Neil says penalties for telcos are ‘totally inappropriate’ and data breach was ‘significant error’

The Albanese government will pursue “very substantial” reforms in the wake of the massive Optus data breach, including increasing penalties under the Privacy Act that are currently capped at $2.2m.

As the government flags it will push ahead with legislative changes, hundreds of public servants from the Australian Signals Directorate, the Australian Cyber Security Centre and the Australian federal police were deployed to help manage the fallout from the data breach, with the government also working with banks to prevent further fraud.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...
26 September 2022

What happens with a hacked Instagram account – and how to recover it

Had your Instagram account stolen? Don’t panic – here’s how to get your account back and how to avoid getting hacked (again)

The post What happens with a hacked Instagram account – and how to recover it appeared first on WeLiveSecurity

26 September 2022

Optus data security breach: what should I do to protect myself?

Optus data security breach: what should I do to protect myself?

Experts say while ‘there’s no need to panic’, there are steps you can take to ensure you’re not exposed to scams or identity theft

After Optus revealed its massive data security breach on Thursday, customers started receiving emails informing them that their personal information had been accessed.

The telco said that while no financial information or passwords were accessed, the breach has seen customers’ names, dates of birth, email addresses, phone numbers, addresses associated with their account, and details of ID documents such as drivers licence numbers or passport numbers compromised.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...
26 September 2022

Optus faces potential class action and pledges free credit monitoring to data-breach customers

Optus faces potential class action and pledges free credit monitoring to data-breach customers

Home affairs minister Clare O’Neil says company to blame and flags new laws with large fines for such breaches

Optus has agreed to provide free credit monitoring to the millions of customers caught up in its massive data breach, as the home affairs minister flags changes to law to potentially fine companies millions for similar breaches.

The company on Monday said it had informed all customers via email or SMS who had their passport or driver’s licence numbers compromised in the breach last week.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...
26 September 2022

What to consider before disposing of personal data – Week in security with Tony Anscombe

A major financial services company has learned the hard way about the importance of proper disposal of customers' personal data

The post What to consider before disposing of personal data – Week in security with Tony Anscombe appeared first on WeLiveSecurity

23 September 2022

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, "America is looking for me because I have enormous information and they need it."
23 September 2022

5 tips to help children navigate the internet safely

The online world provides children with previously unimagined opportunities to learn and socialize, but it also opens them up to a range of hazards. How can you steer kids toward safe internet habits?

The post 5 tips to help children navigate the internet safely appeared first on WeLiveSecurity

23 September 2022

Optus cyber-attack could involve customers dating back to 2017

Optus cyber-attack could involve customers dating back to 2017

CEO says company has not yet confirmed how many people were affected by hack, but 9.8 million was ‘worst case scenario’

Optus customers dating as far back as 2017 could be caught up in the massive hack of the telecommunications company’s database, CEO Kelly Bayer Rosmarin has revealed.

Bayer Rosmarin told reporters on Friday that the company is still not sure exactly how many customers had their personal information compromised in the attack, but that 9.8 million was the “worst case scenario”.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...
22 September 2022

Hey WeLiveSecurity, how does biometric authentication work?

Your eyes may be the window to your soul, but they can also be your airplane boarding pass or the key unlocking your phone. What’s the good and the bad of using biometric traits for authentication?

The post Hey WeLiveSecurity, how does biometric authentication work? appeared first on WeLiveSecurity

22 September 2022

Optus data breach: who is affected, what has been taken and what should you do?

Optus data breach: who is affected, what has been taken and what should you do?

After a malicious cyber-attack, customers of Australia’s second-largest telco are advised they could be at risk of identity theft

Australia’s second-largest telco, Optus, has suffered a massive data breach, with the personal information of potentially millions of customers compromised by a malicious cyber-attack.

It is believed the attackers were working for a criminal or state-sponsored organisation.

Sign up to receive an email with the top stories from Guardian Australia every morning

Continue reading...
22 September 2022

SIM Swapper Abducted, Beaten, Held for $200k Ransom

A Florida teenager who served as a lackey for a cybercriminal group that specializes in cryptocurrency thefts was beaten and kidnapped last week by a rival cybercrime gang. The teen's captives held guns to his head while forcing him to record a video message pleading with his crew to fork over a $200,000 ransom in exchange for his life. The youth is now reportedly cooperating with U.S. federal investigators, who are responding to an alarming number of reports of physical violence tied to certain online crime communities.
21 September 2022

Paving the Way: Inspiring Women in Payments - A Q&A featuring Sabeena Job

 

Sabeena Job once had a manager who motivated her to elevate her skillset and become a PCI Qualified Security Assessor. It was a move that was out of her comfort zone, but ultimately it inspired her to become the best version of herself. As a result, today she manages a team of security consultants and cybersecurity compliance programs for more than 30 organizations around the world. In this edition of our blog, Sabeena explains that growth only comes when you are outside of your comfort zone and why you have to get comfortable with being uncomfortable.

20 September 2022

Can your iPhone be hacked? What to know about iOS security

Here are some of the most common ways that an iPhone can be compromised with malware, how to tell it’s happened to you, and how to remove a hacker from your device

The post Can your iPhone be hacked? What to know about iOS security appeared first on WeLiveSecurity

19 September 2022

Botched Crypto Mugging Lands Three U.K. Men in Jail

Three men in the United Kingdom were arrested this month after police responding to an attempted break-in at a residence stopped their car as they fled the scene. The authorities found weapons and a police uniform in the trunk, and say the trio intended to assault a local man and force him to hand over virtual currencies. 
16 September 2022

Rising to the challenges of secure coding – Week in security with Tony Anscombe

The news seems awash this week with reports of both Microsoft and Apple scrambling to patch security flaws in their products

The post Rising to the challenges of secure coding – Week in security with Tony Anscombe appeared first on WeLiveSecurity

16 September 2022

Dispatch from the NACM: Day 3

 

Today was the final day of the 2022 North America Community Meeting. Lindsay Goodspeed, Senior Manager of Corporate Communications, sits down to provide a recap of the day. Highlights from the conversation include:

15 September 2022

Bridge the Gap with Knowledge Training

 

This week, the Council hosted the North America Community Meeting in Toronto, Canada. During the meeting, it was announced that the Council will be launching a new program called Knowledge Training. We sit down with Tracey Long, VP of Programs, to discuss this announcement.

15 September 2022

Third‑party cookies: How they work and how to stop them from tracking you across the web

Cross-site tracking cookies have a bleak future but can still cause privacy woes to unwary users

The post Third‑party cookies: How they work and how to stop them from tracking you across the web appeared first on WeLiveSecurity

15 September 2022