We Take Your Privacy and Security. Seriously.

  • 30 September 2014
  • 2 replies
  • 217 views

Userlevel 7
Badge +54
Another interesting article from Brian Krebs
 
29 Sep 14
“Please note that [COMPANY NAME] takes the security of your personal data very seriously.” If you’ve been on the Internet for any length of time, chances are very good that you’ve received at least one breach notification email or letter that includes some version of this obligatory line. But as far as lines go, this one is about as convincing as the classic break-up line, “It’s not you, it’s me.”
 
I was reminded of the sheer emptiness of this corporate breach-speak approximately two weeks ago, after receiving a snail mail letter from my Internet service provider — Cox Communications. In its letter, the company explained:
 
Full Article

 


2 replies

Userlevel 7
Badge +56
Great article, and I can't believe that Cox had their internal application on a public facing interface.
Userlevel 7
Badge +54
6th November 2015
 
In September 2014, I penned a column called “We Take Your Privacy and Security. Seriously.” It recounted my experience receiving notice from my former Internet service provider — Cox Communications — that a customer service employee had been tricked into giving away my personal information to hackers. This week, the Federal Communications Commission (FCC) fined Cox $595,000 for the incident that affected me and 60 other customers.
 
I suspected, but couldn’t prove at the time, that the band of teenage cybercriminals known as the Lizard Squad was behind the attack. According to a press release issued Thursday by the FCC, the intrusion began after LizardSquad member “Evil Jordie” phoned up Cox support pretending to be from the company’s IT department, and convinced both a Cox customer service representative and Cox contractor to enter their account IDs and passwords into a fake, or “phishing,” website.
 
                             http://krebsonsecurity.com/wp-content/uploads/2015/11/utilities-580x593.png
                              According to twofactorauth.org, very few ISPs offer basic email security protection.
 
Full Article

Reply