Internet Security

UK’s ICO fines British Airways a record £183M over GDPR breach that leaked data from 500,000 users

The U.K.’s Information Commissioner is starting off the week with a GDPR bang: This morning, it announced that it has fined British Airways and its parent International Airlines Group (IAG) £183.39 million ($230 million) in connection with a data breach that took place last year that affected a whopping 500,000 customers browsing and booking tickets online. In an…


The U.K.’s Information Commissioner is starting off the week with a GDPR bang: This morning, it announced that it has fined British Airways and its parent International Airlines Group (IAG) £183.39 million ($230 million) in connection with a data breach that took place last year that affected a whopping 500,000 customers browsing and booking tickets online. In an investigation, the ICO said that it found “that a variety of information was compromised by poor security arrangements at [BA], including log in, payment card, and travel booking details as well name and address information.”

The fine — 1.5% of BA’s total revenues for the year that ended December 31, 2018 — is the highest-ever that the ICO has leveled at a company over a data breach (previous “record holder” Facebook was fined a mere £500,000 last year by comparison).

And it is significant for another reason: It shows that data breaches can be not just a public relations liability, destroying consumer trust in the organization, but a financial liability, too. IAG is currently seeing volatile trading in London, with shares down 1.5% at the momen

Read More

Be the first to write a comment.

Leave a Reply

Internet Security

Twitter admits it used two-factor phone numbers and emails for serving targeted ads

Twitter has said it used phone numbers and email addresses, provided by users to set up two-factor authentication on their accounts, to serve targeted ads. In a disclosure Tuesday, the social media giant said it did not know how many users were impacted. The issue stemmed from the company’s tailored audiences program, which allows companies…


Twitterhas said it used phone numbers and email addresses, provided by users to set up two-factor authentication on their accounts, to serve targeted ads.

In a disclosure Tuesday, the social media giant said it did not know how many users were impacted.

The issue stemmed from the company’s tailored audiences program, which allows companies to target advertisements against their own marketing lists, such as phone numbers and email addresses. But Twitter found that when advertisers uploaded their marketing lists, it matched Twitter users to the phone numbers and email addresses users submitted to set up two-factor authentication on their account.

The issue was addressed as of September 17, the disclosure said.

Two-factor authentication is an important security feature that makes it far more difficult for hac

Read More

Continue Reading
Internet Security

Messaging app Kik shuts down as company focuses on Kin, its cryptocurrency

Updated with comment from Kik Kik Interactive CEO Ted Livingston announced today that the company is shutting down Kik Messenger to focus on its cryptocurrency Kin, the target of a lawsuit filed by the Securities and Exchange Commission. The company’s team will be reduced to 19 people, a reduction that will affect more than 100…


Updated with comment from Kik

KikInteractive CEO Ted Livingston announced today that the company is shutting down Kik Messenger to focus on its cryptocurrency Kin, the target of a lawsuit filed by the Securities and Exchange Commission. The company’s team will be reduced to 19 people, a reduction that will affect more than 100 employees, as it focuses on converting more Kin users into buyers.

“Instead of selling some of our Kin into the limited liquidity that exists today, we made the decision to focus our current resources on the few things that matter most,” Livingston wrote in a blog post, adding that the changes will reduce the company’s burn rate by 85%, enabling it to get through the SEC trial.

In an email to TechCrunch, a company spokesperson said “We can confirm that the Kik Messenge

Read More

Continue Reading
Internet Security

This game uses troll tactics to teach critical thinking

The best medicine against online disinformation is an informed society that’s thinking critically. The problem is there are no shortcuts to universal education. Enter Finnish Public Broadcasting Company, Yle, which is hoping to harness the engagement power of gamification to accelerate awareness and understanding of troll tactics and help more people spot malicious internet fakes.…


The best medicine against online disinformation is an informed society that’s thinking critically. The problem is there are no shortcuts to universal education.

Enter Finnish Public Broadcasting Company, Yle,which is hoping to harness the engagement power of gamification to accelerate awareness and understanding of troll tactics and help more people spot malicious internet fakes. It has put together an online game, called Troll Factory, that lets you play at being, well, a hateful troll. Literally.

The game begins with a trigger warning that it uses “authentic social media content” that viewers may find disturbing. If you continue to play you’ll see examples of Islamophobic slogans and memes that have actually been spread on social media. So the trigger warning is definitely merited.

The game itself takes the form of a messaging app style conversation on a virtual smartphone in which you are tasked by the troll factory boss to whip up anti-immigrant sentiment. You do this by making choices about which messages to post online and the methods used to amplify distribution.

Online disinformation tactics intended to polarize public discourse which are depicted i

Read More

Continue Reading
Internet Security

Police hijack a botnet and remotely kill 850,000 malware infections

In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers. The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other…


In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers.

The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer.

Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.

According to a blog post announcing the bust, security firm Avast confirmed the operation was successful.

The security firm got involved after it discovered a design flaw in the malware’s command and control server. That flaw, if properly exploited, would have “allowed us to remove the malware from its victims’ computers” without pushing any code to victims’ computers, the researchers said.

The exploi

Read More

Continue Reading