Connect with us

Technology

Cybersecurity 101: What To Do If Your Data Is Involved In A Data Breach

Published

on

Cybersecurity 101 By Z6Mag

There is no way that one can downplay the gravity of the world’s data security problem. Day after day, reports of a new database from various companies are exposed online and is dominating most of our security-related conversations. Billions of people have been affected, and it’s most likely that your data has been exposed or compromised one way or another.

Of course, these data breaches vary in degrees. Some were spotted earlier than the other, allowing them to secure their database before someone used it for their criminal activities. Some, however, remains accessible until today, and it’s pretty much available for everyone to use. There are also data that are relatively harmless – like names, email address, breed-readiness, etc. However, there are also data that were very sensitive like nude images, phone recordings, credit card details, passwords, and social security numbers.

Protecting your data from being exposed is one way to ensure that your data will not end up in an unprotected database somewhere. But that only goes as far as it can. There are data that, no matter how much you protect them, can still fall in the hands of dangerous people.

Hence, it is indispensable to know what to do if in case your data becomes public. Here are a few things that you can do to mitigate the effects of a data leak:

WHAT TO DO IF YOUR DATA HAS BEEN LEAKED?

Read the news.

Making yourself aware of the recent data breaches will prepare you for the worst days to come. If you are updated with the recent cyber attacks, you can be able to plan out what to do in case your data is part of the database that has been exposed.

Furthermore, by being updated and aware of the recent data attacks, you will be alerted if the company or the app or the website that has your data was breached. In that case, you can immediately take action to protect yourself if in case someone uses your exposed data against you. Remember: knowledge is power.

Determine what kind of data is leaked.

As mentioned earlier, there is a varying intensity of the effects of data breaches. It is essential to know what kind of data was compromised so that you will know what steps to take to mitigate its possible effect on you. For starters, there are three primary intensities of data breaches:

  1. Least Sensitive Breaches – This kind of data breaches only exposed harmless data like your name and your email address. With this kind of breach, the worst that can happen to you is increased traffic in your spam folder.
  2. More Sensitive Breaches – This kind of breaches are more harmful as they usually include some sensitive information that you don’t want even your friends to know. Examples of these data are credit card numbers and date of birth. While a stolen credit card number may result in fraudulent charges, the cardholder will eventually be protected from the liability if this happened. On the other hand, the date of birth can be used to verify identity since it doesn’t change unlike address or phone numbers.
  3. Most Sensitive Breaches – This kind of breaches deal with confidential information of a person like your social security number. When criminal elements take hold of your social security number and your name, it becomes easy for them to impersonate you resulting in identity and financial theft.

Change all affected passwords.

If an online account has been compromised, it is necessary to change all affected passwords immediately. One tip is to make the new password stronger than the previous password. It is even more advisable to replace all account passwords in all the services you use to make sure. Avoid reusing passwords in other accounts; that way, you will be limiting the damage if in case a breach happens.

Contact relevant financial institutions.

Once your data is exposed and is way up there – especially your credit card information – contacting the card issuer immediately will protect you from fraudulent charges. Make sure that you personally appear to the institution or to talk to a human representative. Explain to them that your account is at risk of fraud and ask the card issuer to alert you if it detects suspicious activity. Most likely, the company will cancel the card and issue a new one straight away.

Contact credit-reporting bureaus.

By contacting credit-reporting bureaus and asking them to place a fraud alert on your name, you will be notified if in case someone impersonates you or steal your financial identity. For example, if someone decides to open a credit card account in your name, you will know. These alerts are free and can be renewed every 90 days, at least in the U.S.

In conclusion:

All of these tips are a few of the things to do for you to mitigate the effects of a data breach. The best thing to do, however, is prevention. /apr

A consumer tech and cybersecurity journalist who does content marketing while daydreaming about having unlimited coffee for life and getting a pet llama.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

This Apple Patent Secures 360-Degree Rotatable Camera For Its Watch Series

Published

on

Photo by Luke Chesser on Unsplash

The U.S. Patent and Trademark Office granted a patent for Apple that allows it to include a rotatable camera on its Apple Watch products—a revolutionary innovation to the smartwatch market.

Other brands have teased about introducing a built-in camera on their smartwatches before. However, that entails maneuvering the user’s wrist in a challenging position — proving that the technology is far from ready for launch.

Apple secured a patent that would solve the problem. The Apple Watch patent comes along with 63 newly granted patents for Apple Inc.

Apple Watch Rotatable Camera
Source: 9to5mac

The new patent opens the possibility of future Apple Watches with the ability to capture images and video via a rotatable, pull-out camera.

The patent describes the invention as similar to an extension of the Apple Watch band, where the built-in camera can be pulled out to expose and use it. Primarily, this will enable the Apple Watch user to avoid the tricky wrist-maneuvering.

“Such functionality can replace or at least meaningfully augment a user’s existing camera-enabled iPhone.”

Notably, cameras on smartwatches were initially introduced with similarities to the conventional smartphones where it is stationary on the screen. The patent describes it to have a pull-out functionality where a user can point towards the desired direction.

Furthermore, the built-in camera can even be rotated at a 360-degree angle. Meaning, a single camera can function both as a front and back camera, allowing Apple to save more space, as it is compacted on a very small device.

As described, the camera is placed on the tip of an extendable band where “an optical sensor [is] attached to or integrated within the distal end portion of the camera watch band […] and a data connection between the optical sensor and the watch body.”

The band, where the camera will be placed, is told to be flexible enough that users can manipulate it into any form via twisting and bending. A combination of a “malleable metal core” with “magnetorheological fluid,” and “mechanical links” will comprise the band to help maintain its form. This combination may also help prop the camera end to a fixed position such as bending towards the user to make FaceTime calls.

Users can take photos or record videos by pinching the camera watch band, asking Siri to do it, or by clicking on the Apple Watch screen.

2 Apple Watch with camera in band
Apple Watch Rotatable Camera
Source: Patently Apple

The latest report comes along with Apple’s plans of marketing the Apple Watch Series, as a more independent device from the rest of the company’s products such as an iPhone.

“A smartwatch with the capability of capturing images or videos may enable a user to forego carrying a smartphone when doing some activities, especially activities or environments where it would be difficult to take a smartphone (e.g., hiking, running, swimming, surfing, snowboarding, and any number of other situations),” says in its patent report.

Furthermore, Apple recently announced in its Worldwide Developer Conference that the Apple Watch is getting its own App Store with its own set of dedicated applications mainly focused on its Health functionalities.

Notably, the recent release remains to be a patent. There is no guarantee when we’re exactly going to see the built-in camera function in the Apple Watch or if we are ever going to witness it (at all).

It could yield similar results to Apple’s infamous AirPower—a wireless charging pad that can simultaneously power three devices without the need to place it in specific areas to work. The product never went into production as it proved to be challenging after all.

The future still holds the answer whether or not Apple will be able to make the camera feature with up-to-par quality. Questions regarding the camera’s quality, its strength, and durability of the camera band remain as a mystery.

On the other hand, if Apple does decide to push through with the invention and follow Apple’s standard with product quality, it could easily win over the current market, which is already dominating.

As of 2018, Apple’s Apple Watch Series still takes first place on the market for smartwatches with a total of 51% global market share. It is selling like hot pancakes as Apple’s shipments increased by 1.4 million units compared to the same quarter in the previous year, for a total of 9.2 million units shipped in Q4 2018.

Continue Reading

Politics

‘Youtube’ Removes ‘Project Veritas’ Leak Exposing The Bias Of ‘Google’ Against Trump

Is Google the only one who can prevent a “next Trump situation?” A Google exec thinks so.

Published

on

Jen Gennai said that Google is the only one that can stop Trump victory. Photo: Carlos Luna | Flickr | CC BY 2.0

As the election season approaches, Google’s video-streaming service, Youtube, took down a video that exposed the California-based technological superpower of being politically biased against the President and his bid for the next election.

The video, which has since been removed from the platform by Youtube, shows a senior employee at the company appearing to admit that the company plans to interfere in the next presidential election to stop Donald Trump.

The video is part of the Project Veritas, that has exposed numerous scandals corruption, dishonesty, self-dealing, waste, fraud, and other misconduct by private individuals, corporations, politicians and government agencies. It was founded by James O’Keefe and claimed that it aims to “further the common good and general welfare of the citizens of the United States by conducting investigations into waste, fraud, abuse, corruption, dishonesty, self-dealing and other misconduct for the purpose of educating the public, stakeholders, policymakers, and communities in order to create a more ethical and transparent society.”

Only Google can prevent “next Trump situation”

The said video is still available in the Project Veritas website and featured undercover footage of a top Google employee, Jen Gennai, who preaches that the company, Google, should not be broken up because they still need to stop the reelection of the President and only they can prevent “next Trump situation.”

“Elizabeth Warren is saying we should break up Google. And like, I love her but she’s very misguided, like that will not make it better it will make it worse, because all these smaller companies who don’t have the same resources that we do will be charged with preventing the next Trump situation, it’s like a small company cannot do that,” the video revealed appearing to be said by Gennai.

In the same video, Gennai appears also to declare that Trump’s victory in the 2016 elections “screwed us (Google).”

“We all got screwed over in 2016; again it wasn’t just us, it was, the people got screwed over, the news media got screwed over, like, everybody got screwed over, so we’re rapidly like, happened there and how do we prevent it from happening again,” she added.

“We’re also training our algorithms, like, if 2016 happened again, would we have, would the outcome be different?”

They need to change the law to force Google to change

Gennai is also strong in its stance that government pressure and intervention could not force Google to change its ways. She said that if the lawmakers want to change how Google behaves, they have to change the law.

“We got called in front of Congress multiple times, so we’ve not shown up because we know that they’re just going to attack us. We’re not going to change our; we’re not going to change our mind. There’s no use sitting there being attacked over something we know we’re not going to change. They can pressure us, but we’re not changing. But we also have to be aware of what they’re doing and what they’re accusing us of,” she said in the video.

Gennai works on “responsible innovation” in the Global Affairs division of Google — the same division run by Kent Walker, the Google VP who has declared his intention to make the populist-nationalist movement represented by Donald Trump a “blip” or “hiccup” in history, which he said, “bends towards progress.”

This rhetoric coincides and corroborated earlier leaks that exposed other top managers and officials from Google to have made similar statements involving the same sentiments.

Similar sentiments from other Google execs

Earlier this year, a Google engineer, Mike Wacker, published an email showing an official from the tech superpower telling his subordinates that the Trump election victory motivated the company’s stand on fake news.

“Also, I posted a comment on a meme regarding fake news on Search, and someone reported it to [Human Resources]. I didn’t say I was in favor or against, just cautioned that we need to be car[e]ful. My manager brought it up in our 1:1 last week. Made me feel very uncomfortable for having an opposing view. He said we need to stop hate [speech] and fake news because that’s how Trump won the election,” Wacker wrote in his post.

“I obviously didn’t say anything and just wanted it to end. I [redacted] would like to see all managers be required to take political bias training.”

Continue Reading

Technology

‘Operation Soft Cell’ Linked To State-Sponsored Chinese Hacking Group

Operation Soft Cell has been operating since 2012.

Published

on

The operation is called Operation Soft Cell. Photo: The Preiser Project | Flickr | CC BY 2.0

A Chinese-linked operation has been found to be stealing sensitive call data, including identifiable information by breaching into telecommunication network in order to gain espionage intelligence on high-value targets, a report reveals.

The operation, called Operation Soft Cell, was discovered by the cybersecurity research firm Cybereason and was said to have been operating since 2012 – which makes a total of seven years of hacking into telecom systems and networks from different countries around the world. Furthermore, researchers have also found evidence that the operations have been attacking cell networks a few years before 2012.

A state-sponsored operation

Researchers have linked the operation to a China-based hacking group APT10 as the tools, and TTPs used in the attacks are commonly associated with the Chinese threat actor. They also believed that the said attacks are state-sponsored and highly coordinated.

“We’ve concluded with a high level of certainty that the threat actor is affiliated with China and is likely state-sponsored. The tools and techniques used throughout these attacks are consistent with several Chinese threat actors, specifically with APT10, a threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS),” the researchers said in the report.

The attacks, as per the tech experts, were aimed to obtain CDR records of a large telecommunications provider. The threat actor was attempting to steal all data stored in the active directory, compromising every single username and password in the organization, along with other personally identifiable information, billing data, call detail records, credentials, email servers, geo-location of users, and more.

Modifying attacks wave after wave to prevent being linked

And the attackers have been evolving, changing their techniques now and then to prevent the attacks from being linked to each other.

“During the persistent attack, the attackers worked in waves- abandoning one thread of attack when it was detected and stopped, only to return months later with new tools and techniques.”

The attack began with a web shell running on a vulnerable, publicly-facing server, from which the attackers gathered information about the network and propagated across the network. The hackers attempted to compromise critical assets, such as database servers, billing servers, and the active directory. As the malicious activity was detected and remediated against, the threat actor stopped the attack.

The threat actor changed activity every quarter. Photo: Cybereason

The second wave of the attack hit several months later with similar infiltration attempts, along with a modified version of the web shell and surveillance activities. This cycle is said to continue, with the attackers and white hats play a game of cat and mouse. Every time white hats corner the attackers, they stop and return with a modified attack a few more times in the next four months.

Espionage is the primary motivation

According to the researchers, they can pinpoint several motives behind this massive cyberspace intrusion. They said that as hacking operations become one of the newest frontiers of global power struggle, institutions that store a vast amount of data started to become the target. And telecommunication corporations became one of the most vulnerable sectors.

“Due to their wide availability and the fundamental service they bring, telecommunications providers have become critical infrastructure for the majority of world powers,” they wrote in the report.

“Threat actors, especially those at the level of nation state, are seeking opportunities to attack these organizations, conducting elaborate, advanced operations to gain leverage, seize strategic assets, and collect information. When successful, these attacks often have huge implications.”

Furthermore, the researchers said that when an attack as big as this and with state support, the motive is usually not financial but instead, they aim to collect data like intellectual property and sensitive information about their clients.

One of the most valuable pieces of data that telecommunications providers hold is Call Detail Records (CDRs). CDRs are a large subset of metadata that contains all details about calls, including Source, Destination, and Duration of a Call, Device Details, Physical Location, Device Vendor, and Version.

This information is invaluable for threat actors as they give them intimate knowledge of any individuals they wish to target on that network. Having this information becomes particularly valuable when nation-state threat actors are targeting foreign intelligence agents, politicians, opposition candidates in an election, or even law enforcement.

“Beyond targeting individual users, this attack is also alarming because of the threat posed by the control of a telecommunications provider. Telecommunications has become critical infrastructure for the majority of world powers. A threat actor with total access to a telecommunications provider, as is the case here, can attack however they want passively and also actively work to sabotage the network,” they added.

Continue Reading

Trending