Saturday, 8 September 2018

BA.. an update

Since the last post, more information has been disclosed about the data breach at British Airways.

It seems that a web form was compromised on an internet facing server, which meant the hackers (for want of a better description) were able to capture the personal and financial information of the people making ticket purchases.

This worse than expected as the CVV2 (the digits on the back of the card were captured as well). This means it's possible to make purchases on the credit cards, as names, addresses and full credit card information was captured.

A couple of points, it's admirable that British Airways detected the breach so quickly and can pinpoint when it happened.

It's disappointing that it did happen, especially with the number of records and the type of data.  Without more information, we don't know how preventable this data breach was.

Will it be the last data breach?  No, of course not.

Normal advice applies, change passwords, if you're using the same passwords across multiple sites (or use a password manager), check for unusual activity on your credit and debit cards, and make use of fraud detection services, if they are offered.

Thursday, 6 September 2018

BA... "Bad Action"


So after Air Canada's data breach, it looks like British Airways has lost a suspected 380,000 records, including personal and financial information.

After these two airline breaches, a differentiator would be airlines showing they care about information security. I know I would use them as a first choice over Air Canada and British Airways.

The only way to force improvement in the industry is to vote with our feet.

British Airways probes customer data theft - http://www.bbc.co.uk/news/uk-england-london-45440850

Friday, 31 August 2018

Oh-Air Canada


Air Canada are in the midst of dealing with a data breach with sensitive data that could lead to identify fraud.

The data that has been lost includes the usual, name, address, email address and telephone numbers. In addition, passport information, country of residence, nationality and dates of birth have been lost.

Although the investigation is on going about how this has happened, it has been highlighted that there is a poor password policy on the Air Canada site, only allowing passwords of 6 to 10 characters, with only letters and numbers allowed.  It makes it all too easy to use use simple passwords on the site, and complex passwords would not be accepted.

Not great news as government issued documents like passports and driving licences are used as a form of ID typically in the safe keeping of the owner.  So use advice, keep tabs on financial activities on your accounts, and consider regularly checking your credit score for anomalies.

Wednesday, 22 August 2018

Superdrug, but not super security

Another day and we see another high profile data breach in the news. This time Superdrug are believed to have had a data breach with a loss of the personal details of 20,000 individuals.
These are the initial figures reported, so could change, if it's anything like the Dixons Carphone reports.

"Only" personal details have been lost and not banking or payment card information. The usual advice applies, change passwords, especially if you use the same password in multiple places on the same email address.


Wednesday, 15 August 2018

When you read "Putting Stickers On Your Laptop Is Probably a Bad Security Idea"...

https://motherboard.vice.com/en_us/article/pawvnk/stickers-on-laptop-operational-security-bad-idea

There is a quote from the article that says: “Conferences, border crossing[s], airports, public places—stickers will/can get you targeted for opposition research, industrial espionage, legal or investigative scrutiny,”

It looks like I may need a travel laptop!


Wednesday, 8 August 2018

Blogging overhaul

I bought this domain over 18 years ago on a whim.  Since then little has been done with it, except host this blog, and use the web page to redirect here.

After all the changes to Chrome and the recommendation for HTTPS sites, that needed fixing for both my website and this blog.  It would be strange to got to a secure blog that was hosted on HTTP!

After digging out old passwords, I've transferred my host name from China (I have no idea how it ended up there) and brought it LCN.  I've opted to create a simple website to mimic the sort of information I have on LinkedIn, and enabled HTTPS on Blogger.

I realise I've left this blog alone for around a year, around the same time I took on a new role at work.  As I've got into the swing of things, I'll get this blog back on track with a focus on cyber security.

I may back fill the last year's worth of blogs about major breaches and incidents, but we'll see as the focus will be new articles and comments going forward.  As a sign of things to come, and giving it a name and logo makes it "a thing", I've created a simple logo to use with this blog.

Enjoy the new content going forward!

 blog.andytang.com