.png?width=200&name=CH%20Diligence%20(thicker%20line).png "CH Diligence (thicker line).png")
The Target: Toyota, a Japanese car manufacturer
The Take: Two cloud databases exposed Personally Identifiable Information including: physical address, name, phone number, email address, customer ID, vehicle registration number, and vehicle identification numbers.
The Vector: Several misconfigured cloud databases were left open and unsecured with no password, meaning anyone with an internet connection could have downloaded the data.
Securing access to databases through rigorous password hygiene is an essential component of security, and cloud databases are no exception. Furthermore, the data stolen in this attack can be used for crafting highly effective automotive-based phishing attacks. Regular security compliance reviews can help prevent these breaches.
Business Wire: Galvanick, the cybersecurity solution for protecting industrial infrastructure against cyber attacks, announced its $10 million seed round.
Yahoo Finance: EC-Council, the global leader in cybersecurity education and training, released its Certified Chief Information Security Officer Hall of Fame Report, honouring the top 50 Certified CISOs globally.
Dark Reading: Despite a more cautious approach to financing, investors continue to scour the country for the next generation of cybersecurity startups that can aid enterprises in the never-ending quest to safeguard critical IT systems.
Investment Executive: The recent data breach that affected customers of Toronto-based InvestorCOM Inc. has reminded large financial services firms of the importance of cybersecurity preparation.
PR Newswire: Governments worldwide are becoming increasingly digital, leading to more prevalent and more diverse cyberattacks.
Mondaq: Recent enforcement actions highlight the increased regulatory scrutiny that private funds may face with respect to internal cybersecurity protocols and responses to cyber-crimes and cyber incidents under new and updated cybersecurity laws.
The Guardian: About 90 organizations have reported breaches of personal information held by Capita after the outsourcing group suffered a cyber-attack, Britain’s data watchdog has said.
The Target: SuperVPN, a popular free VPN service provider.
The Take: Exposed database containing of 360,308,817 million records of wide-ranging sensitive information including: email addresses, original IP addresses, geolocation data, UUID numbers, operating systems, internet connection types, and VPN application versions.
The Vector: A misconfigured database was left open and unsecured with no password, meaning anyone with an internet connection could have downloaded the data.
This breach is a perfect example of a preventable cyber incident. Securing access to databases through rigorous password hygiene is an essential component of security. Furthermore, the data stolen in this attack can be used for crafting highly effective phishing attacks. Companies should take every measure necessary to secure customer data.
Blockchain News: Leading cryptocurrency exchange Binance has assisted US law enforcement in seizing $4.4 million and freezing accounts associated with North Korean organized crime.
Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →
Montreal
1080 Côte du Beaver Hall, Suite 904
Montreal, QC
Canada, H2Z 1S8
+1-450-465-8880
Halifax
84 Chain Lake Drive, Suite 501
Halifax, NS
Canada, B3S 1A2
+1-902-429-8880
London
1 Pancras Square, Kings Cross
Gridiron Building
London, N1C 4AG
United Kingdom
+44 20 3036 0828
Prague
Pujmanové 1753/10a,
140 00 Praha 4.
Czech Republic
Manila
Ground Floor, Three E-com Center
Mall of Asia Complex
Pasay City, Metro Manila
Philippines 1300
Abu Dhabi
Floor No.15 Al Sarab Tower,
Adgm Square,
Al Maryah Island, Abu Dhabi, UAE
Tel: +971 (2) 694 8510
Sydney
Level 36 Governor Phillip Tower
1 Farrer Place Sydney 2000
Australia
+61 (2) 8823 3370
Copyright © 2021 Entreprise Castle Hall Alternatives, Inc. All Rights Reserved.
Terms of Service and Privacy Policy