VISTA InfoSec

JUNE 18, 2024

From customer information and financial records to trade secrets and proprietary research, these digital assets are invaluable. As cyber threats evolve, safeguarding your organization’s data has become an utmost priority. Encrypt everything from customer records to financial transactions for advanced data protection.

Data Security 266

Data Security Security Encryption Cybersecurity 266

PYMNTS

JANUARY 18, 2019

The largest public data breach ever has been discovered, according to Gizmodo. The breach is just one data batch of at least six more, collected by someone trying to sell the stolen info, which amounts to almost 1 terabyte of stolen information. In his blog , Hunt talked about how he discovered the breach.

Data Breach 63

Data Breach Breach Credential Compromise 63

PYMNTS

NOVEMBER 7, 2018

American Express India enabled a database to be accessible to anyone for longer than five days in October, according to a report in The Next Web. According to the report , the Hacken cyber consultancy team’s director of cyber risk research, Bob Diachenko, discovered the unprotected database on Oct.

Database 67

Database Encryption Adjustments Consulting 67

PYMNTS

MARCH 29, 2019

Close to 1 billion email accounts were leaked by a marketing company in what some researchers are calling the “biggest and most comprehensive email database” breach ever. The online database was created by a company called Verifications.io, which reportedly had no security measures in place.

Database 74

Database Accounts Breach Phishing 74

PYMNTS

NOVEMBER 27, 2018

A popular London-based massage startup has leaked its entire customer database — and could face steep fines due to violating GDPR (General Date Protection Regulation) rules. Anyone who discovered the information could easily access, edit or delete the database.

Database 51

Database Addressing Rules Blocks 51

PYMNTS

APRIL 30, 2019

Security experts have discovered an online, unprotected database that stores the personal data of 80 million American households. Ran Locar and Noam Rotem of vpnMentor discovered the database, adding that they believe it is the first time a breach of this size has included such detailed information.

Database 49

Database Identity Theft Breach Phishing 49

Fintech News

MARCH 20, 2024

Fraud networks, engaging in activities like multi-accounting, money laundering, and personal data breaches, target digital platforms such as cryptocurrency exchanges, fintech applications, dating services, and online casinos.

APACS 99

APACS Fraud Prevention Deepfake Account Takeovers 99

The Paypers

APRIL 21, 2016

(The Paypers) An Osterman Research’s database security industry report has revealed that of organizations say they lack the necessary tools to allow them to identify a data breach.

Data Breach 28

Data Breach Breach Database Research 28

PYMNTS

SEPTEMBER 8, 2019

Monster.com was the victim of a data breach caused by an exposed web server, but failed to inform users about the incident. Although Monster said it secured the exposed server soon after it was discovered in August, it never notified users of the breach.

Data Breach 73

Data Breach Breach Privacy Database 73

PYMNTS

JULY 25, 2019

Researcher Jeremiah Fowler first discovered an accessible database that was eventually revealed to be owned by Jana Bank and included sensitive customer data including Voter ID, driver’s license, passport, PAN Card, transaction, email, username and other information, part of the bank’s Know Your Customer verification database.

Database 49

Database Data Breach Financial Inclusion Small Business 49

PYMNTS

AUGUST 14, 2019

Two researchers, Noam Rotem and Ran Locar, work with a venture called vpnMentor, which assesses virtual private network (VPN) services. They have been working to find vulnerabilities in corporate systems that could lead to data breaches. We [were] able to change data and add new users.”.

Data Breach 53

Data Breach Breach Database Research 53

PYMNTS

OCTOBER 9, 2018

Navionics , an Italian company that manufactures electronic navigational charts for boating, was the victim of customer data breach that exposed hundreds of thousands of customer records. The 19 gigabyte database contained more than 260,000 records, including customer names and email addresses.

Breach 56

Breach Database Data Breach Security 56

PYMNTS

JANUARY 30, 2019

TechCrunch was able to get into the database — which was not password-protected — and see text messages going to customers in real time. What’s more, TechCrunch reported the database had archives of the text messages dating back to December. The security researcher requested anonymity, noted TechCrunch.

Database 49

Database Data Breach Breach Research 49

PYMNTS

JANUARY 25, 2021

The data leaked included names, email addresses, phone numbers, bank account details and tax ID numbers, the report stated. Lastly, while cryptocurrencies might never replace fiat currencies as a medium of exchange, they could replace gold as a store of value, according to research from the Bank of Singapore , The National reported.

Government 104

Government Governance Bitcoin Cryptocurrency 104

PYMNTS

FEBRUARY 15, 2019

The hacker is now selling the data for about $14,500 in bitcoin. Ariel Ainhoren, research team leader at Israeli security firm IntSights , said that the hacker may have used the same security flaw in both round of attacks. In fact, six of the 16 databases breached last year were running the same back-end PostgreSQL database software.

Database 51

Database Breach Data Breach Security 51

PYMNTS

JULY 16, 2019

The server, which was open for three weeks, was discovered by security researcher Daniel Brown. The database also included room service orders, guest complaints, invoices and other sensitive information used for accessing the Aavgo system. We had no data breach; however, we did find a vulnerability,” said Desai.

Breach 46

Breach Database Card Issuer Data Breach 46

PYMNTS

AUGUST 20, 2020

A database of nearly a quarter-million YouTube, Instagram and TikTok public profiles that was held by a now-shuttered company called Deep Social has made its way onto the Dark Web, The Next Web reported on Thursday (Aug. The news site attributed information about the data exposure to researcher Bob Diachenko of security firm Comparitech.

Breach 114

Breach Phishing Database Legal 114

CB Insights

OCTOBER 18, 2018

Data from the Verizon 2018 Data Breach Investigations Report shows that the attack-paths hackers take from initial compromise to final data breach are shrinking. Attack paths represent the number of steps that hackers have to take between breaking in and stealing an enterprise’s data.

Cybersecurity 57

Cybersecurity Data Breach Encryption Data Security 57

PYMNTS

JANUARY 30, 2020

A breach of India’s SpiceJet, one of the country’s biggest independent airlines, exposed the data of more than a million passengers, per a report on Thursday (Jan. 30), citing a security researcher. The breach was supposedly discovered via white-hat or ethical hacking , the security researcher said.

Breach 80

Breach Correspondent Research Database 80

PYMNTS

JUNE 6, 2019

Fortune 500 company Tech Data left a server with access to customer and billing data unsecured, and it was compromised by security researchers, according to a report by TechCrunch. Researchers Noam Rotem and Ran Locar, from vpnMentor, discovered and reported the vulnerability.

Database 46

Database Credit Cards Encryption Research 46

Stax

NOVEMBER 27, 2023

Of course, financial criminal activity doesn’t have to just lead to monetary loss—it could also lead to a data breach of customer information. The data must be securely kept for at least five years after the account is closed should it be needed down the road. trillion a year. This legal requirement was codified into U.S.

Due Diligence 88

Due Diligence Money Laundering AML Financial Crimes 88

PYMNTS

APRIL 5, 2018

Managing application secrets like database credentials, passwords or API keys is easy when you’re working locally with one machine and one application. The new service can be used to store passwords, database login information and keys to application programming interfaces (APIs) for other services.

Credential 40

Credential Cybersecurity Database Data Breach 40

PYMNTS

JANUARY 30, 2019

29) after being alerted to the leak , which was discovered by security researcher Oliver Hough. The database, running on a hosted Amazon Elasticsearch server, held tens of gigabytes of data, including customer names, contact information and case work for each corporate client. The exposed server wasn’t protected with a password.

Database 57

Database Breach Government Governance 57

FICO

DECEMBER 21, 2018

It’s an understatement to say that 2018 was a year of blockbuster data breaches : Facebook, Marriott, Ticketmaster and British Airways, to name just a few. In my predictions blog for 2017 I wrote, “Biometric security data may become the biggest security vulnerability of all.” In some industries, it’s the biggest.

Data Breach 40

Data Breach Breach Assessments Cybersecurity 40

PYMNTS

JUNE 19, 2019

“The net result is that we can perform this computation without exposing any individual data and only getting the aggregate result,” said Amanda Walker, director of privacy tools and infrastructure engineering at the tech giant. Tal Malkin, a cryptographer at Columbia University, said the tool is an important one.

Encryption 46

Encryption Privacy Data Breach Wires 46

PYMNTS

APRIL 3, 2018

KrebsOnSecurity said it was alerted to the leak by Dylan Houlihan, a security researcher that had let Panera know about the issue on August 2, 2017. In a subsequent statement to Fox News, KrebsOnSecurity said the company claimed the breach only impacted 10,000 customers.

Breach 51

Breach Data Breach Database Scams 51

PYMNTS

JULY 23, 2019

Alongside the tide of Libra talk, Facebook is still confronted with privacy concerns and data breach issues. On April 17, it was revealed that Facebook had used user data as leverage with other countries, rewarding some with access to the data and withholding it from rival firms.

Federal Trade Commission 44

Federal Trade Commission FTC Data Breach Privacy 44

PYMNTS

MARCH 24, 2017

As opposed to selling the accounts nickel- and-dime style to other malicious actors, they are attempting to get a big score from extorting the affected company directly,” Alex Heid, chief research officer of SecurityScorecard , told PYMNTS. Kerem Albayrak, on the other hand, is being accused of listing the database for sale online.”.

Credential 45

Credential Crime Ransomware Data Breach 45

VISTA InfoSec

JANUARY 18, 2024

As a reminder, the Payment Card Industry Data Security Standard (PCI DSS) is a comprehensive set of security requirements that all organizations handling cardholder data must adhere to. These requirements’ main objective is to safeguard sensitive cardholder information and mitigate data breaches. in PCI DSS.

PCI DSS 289

PCI DSS Procedures Encryption Security 289

PYMNTS

FEBRUARY 1, 2019

In addition, the Aadhaar system has reportedly been subject to problems involving starvation and data theft. The UIDAI claims that the system is impenetrable, but French security researcher Robert Baptiste scraped the site using about 100 lines of Python code. The page with the breaches had been pulled offline.

Compromise 40

Compromise Breach Database Social Security 40

Seon

JANUARY 29, 2024

According to research from Kaspersky, more than half of all fraudulent attacks are in fact an account takeover. In the worst-case scenario, stocks can even plummet after a publicized breach. According to Bitglass research, this can be down by as much as 7.5%. Users turn to competitors due to a loss of reputation and brand trust.

Account Takeovers 52

Account Takeovers Accounts Fraud Prevention Fraud Detection 52

PYMNTS

OCTOBER 10, 2019

Fresh PYMNTS research has dug into the issue. The storage of sensitive debit and credit card information in databases that, depending on the market, are subject to different levels of regulation can create security concerns. How many data breaches have we seen?” Whenever data is stored, there is potential for exposure.”.

Real Time Payments 80

Real Time Payments Push-to-Card Payments Debit Card 80

FICO

JUNE 12, 2019

A new report from research firm Chartis names FICO a category leader in cyber risk quantification solutions. The key risk signals leveraged by the FICO Cyber Risk Score are based on a deep database of timeseries historical information, collected by FICO, which spans the entire internet address space for six years.

Risk 40

Risk Breach Assessments Cybersecurity 40

PYMNTS

MARCH 18, 2019

Now, those systems are often integrated into a single database or exchange data via tools such as APIs.” Obtaining that seamlessness in data movement means a company can manage employee data “from recruitment to retirement,” added Ferdowsi. In the beginning, each was an obvious disparate system.

Payroll 64

Payroll API Payment APIs and Integration Data Breach 64

PYMNTS

APRIL 3, 2019

The data sets were both discovered on Amazon cloud servers, and all of the data was removed by Facebook after the company was notified about the problem. Facebook’s policies prohibit storing Facebook information in a public database,” a spokesperson for the company said.

Database 53

Database Origination Research Posting 53

PYMNTS

JANUARY 24, 2019

Data and analytics company Ascension has suffered a data leak that exposed more than 24 million loan and mortgage documents from some of the country’s biggest banks. The database, which is believed to have been exposed for two weeks, was discovered by independent security researcher Bob Diachenko.

Law Enforcement 62

Law Enforcement Social Security Database Agreements 62

FICO

AUGUST 6, 2018

In those models, the goal is to develop depth and breadth of historical data in order to maintain a record of fraudulent activity (e.g., Similar databases exist for valid email addresses, device IDs, and identity details associated with fraud events. In fact, the data is completely anonymized via a hashing algorithm.

Payments Data 45

Payments Data Non-Bank Fraud Detection Database 45