Internet Security

Have I Been Pwned is looking for a new owner

Troy Hunt has revealed he’s looking for an acquirer for the breach notification service he set up more than five years ago — aka: Have I Been Pwned. In a blog post discussing the future of the service, Hunt details how traffic to the site has exploded since January when he uploaded a massive 773M…


Troy Hunthas revealed he’s looking for an acquirer for the breach notification service he set up more than five years ago — aka: Have I Been Pwned.

In a blog post discussing the future of the service, Hunt details how traffic to the site has exploded since January when he uploaded a massive 773M record list of breached emails and passwords that could be used for automated unauthorized logins (aka credential stuffing).

“The extra attention HIBP started getting in Jan never returned to 2018 levels, it just kept growing and growing,” he writes, saying he realized he was getting close to burn out trying to manage the service solo. Hence his decision to seek an acquirer.

HIBP has ridden a wave of growing concern about data breaches and Internet security, with Hunt taking the decision to accept a commercial sponsorship via a partnership with password manager firm 1Passwordlast year.

Its growing profile has also led the service finding favor with governments wanting to monitor their own domains.

Sketching what he hopes to achieve with mor

Read More

Be the first to write a comment.

Leave a Reply

Internet Security

After data incidents, Instagram expands its bug bounty

Facebook is expanding its data abuse bug bounty to Instagram . The social media giant, which owns Instagram, first rolled out its data abuse bounty in the wake of the Cambridge Analytica scandal, which saw tens of millions of Facebook profiles scraped to help swing undecided voters in favor of the Trump campaign during the…


Facebook is expanding its data abuse bug bounty to Instagram.

The social media giant, which owns Instagram, first rolled out its data abuse bounty in the wake of the Cambridge Analytica scandal, which saw tens of millions of Facebook profiles scraped to help swing undecided voters in favor of the Trump campaign during the U.S. presidential election in 2016.

The idea was that security researchers and platform users alike could report instances of third-party apps or companies that were scraping, collecting and selling Facebook data for other purposes, such as to create voter profiles or build vast marketing lists.

Even following the high-profile public relations disaster of Cambridge Analytica,Facebook still had apps illicitly collecting data on its us

Read More

Continue Reading
Internet Security

OneTrust raises $200M at a $1.3B valuation to help organizations navigate online privacy rules

GDPR, and the newer California Consumer Privacy Act, have given a legal bite to ongoing developments in online privacy and data protection: it’s always good practice for companies with an online presence to take measures to safeguard people’s data, but now failing to do so can land them in some serious hot water. Now —…


GDPR, and the newer California Consumer Privacy Act, have given a legal bite to ongoing developments in online privacy and data protection: it’s always good practice for companies with an online presence to take measures to safeguard people’s data, but now failing to do so can land them in some serious hot water.

Now — to underscore the urgency and demand in the market — one of the bigger companies helping organizations navigate those rules is announcing a huge round of funding. OneTrust, which builds tools to help companies navigate data protection and privacy policies both internally and with its customers, has raised $200 million in a Series A led by Insight that values the company at $1.3 billion.

It’s an outsized round for a Series A, being made at an equally outsized valuation — especially considering that the company is only three years old — but that’s because of the wide-ranging nature of the issue, according to CEO Kabir Barday, and OneTrust’searly moves and subsequent pole position in tackling it.

“We’re talking about an operational overhaul in a company’s practices,” Barday said in an interview. “That requires the right technology and reach to be able to deliver that at a low cost.” Notably, he said that OneTrust wasn’t actually in search of funding — it’s already generating revenue and could have grown off its own balance sheet — although he noted that having the capitalization and backing sends a

Read More

Continue Reading
Internet Security

UK to toughen telecoms security controls to shrink 5G risks

Amid ongoing concerns about security risks posed by the involvement of Chinese tech giant Huawei in 5G supply, the U.K. government has published a review of the telecoms supply chain, which concludes that policy and regulation in enforcing network security needs to be significantly strengthened to address concerns. However, it continues to hold off on…


Amid ongoing concerns about security risks posed by the involvement of Chinese tech giant Huawei in 5G supply, the U.K. government has published a review of the telecoms supply chain, which concludes that policy and regulation in enforcing network security needs to be significantly strengthened to address concerns.

However, it continues to hold off on setting an official position on whether to allow or ban Huawei from supplying the country’s next-gen networks — as the U.S. has been pressurizing its allies to do.

Giving a statement in parliament this afternoon, the U.K.’s digital minister, Jeremy Wright, said the government is releasing the conclusions of the report ahead of a decision on Huawei so that domestic carriers can prepare for the tougher standards it plans to bring in to apply to all their vendors.

“The Review has concluded that the current level of protections put in place by industry are unlikely to be adequate to address the identified security risks and deliver the desired security outcomes,” he said. “So, to improve cyber security risk management, policy and enforcement, the Review recommends the establishment of a new security framework for the UK telecoms sector. This will be a much stronger, security based regime than at present.

“The foundation for the framework will be a new set of Telecoms Security Requirements for telecoms operators, overseen by Ofcomand government. These new requirements will be underpinned by a robust legislative framework.”

Wright said the government plans to legislate “at the earliest opportunity” — to provide the regulator with stronger powers to to enforcement the incoming Telecoms Security Requirements, and to establish “stronger national security backstop powers for government.”

The review suggests the government is considering introducing GDPR-level penalties for carriers that fail to meet the strict security standards it will also be bringing in.

“Until the new legislation is put in place, government and Ofcom will work with all telecoms operators to secure adherence to the

Read More

Continue Reading
Internet Security

Daily Crunch: A bad month for the internet

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here. 1. It was a really bad month for the internet In the past month, there were several major internet outages affecting millions…


The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. It was a really bad month for the internet

In the past month, there were several major internet outages affecting millions of users across the world. Sites buckled, services broke, images wouldn’t load, direct messages ground to a halt and calendars and email were unavailable for hours at a time.

What can we learn? For one, internet providers need to do better with routing filters. Secondly, perhaps it’s not a good idea to run new code directly on a production system.

2. Twitter and Facebook reportedly not invited to White House ‘social media summit’

Trump’s White House is hosting what it calls “a robust conversation on the opportu

Read More

Continue Reading