Shane Chambers No Comments

Harvey Norman Among Companies Compromised in Third-Party Data Breach

Harvey Norman, the retail giant with 13 stores in the Republic and a further two stores in Northern Ireland, has admitted to customers that it suffered a data breach through a third-party tool used on its website. “We wish to alert you to a data breach that has occurred in the systems of a third-party website service provider, Typeform, which has resulted in the unauthorised access to some Harvey Norman data,” the company said earlier this week in a statement.


Harvey Norman was just one of the many companies affected by a breach at Typeform, a third-party website service provider

Read more

Shane Chambers No Comments

How to Check If Your Business or Personal Email May Have Been Compromised

It’s 2018, and cyber crime is on the rise. It seems every other week there is another data breach or cyber attack somewhere in the world, and many people are rightfully apprehensive that they may be hacked too, or even that their details may have been exposed online through a breach of a service that they use. What if your email and password were compromised in the Adobe breach in 2013, the Yahoo breach in 2016, or the LinkedIn breach in 2012? What if your email had been obtained online and sold to cyber criminals as part of a spam list, such as Exploit.In, or the Anti Public Combo List, both discovered in 2016? If so, you may be at risk of hackers gaining access to your accounts, or even committing identity fraud against you. Luckily, security researcher and Microsoft regional director Troy Hunt has developed a database so that you can check to see if you’ve been compromised – so you can secure your online presence again.


haveibeenpwned.com is a breach database run by security researcher and Microsoft regional director Troy Hunt

Read more

Shane Chambers No Comments

EU-US Data Transfer May Be Stopped As Privacy Shield Comes Under Fire

The flow of data between the United States and the EU may be at risk as tensions are rising around Privacy Shield. If you haven’t been living under a rock for the last two years, you will likely have heard of the GDPR – the EU data protection regulation that now fiercely protects EU citizen data, whether in the hands of a non-EU or EU-based organisation. You may have wondered, then, how companies in places like the US are still able to legally hold and process EU data without falling foul of the GDPR, and the answer is Privacy Shield. Privacy Shield is a framework that allows companies on both sides of the Atlantic to transfer data while complying with the GDPR. However, this may all soon change, with Members of the European Parliament calling for Privacy Shield to be brought up to scratch or invalidated.


Privacy Shield’s predecessor, Safe Harbour, was already invalidated in 2016 after it was ruled to be inadequate by the EU

Read more

Shane Chambers No Comments

How the Latest Zero-Day Flash Bug Bypasses Your Antivirus and Firewall

Adobe has been forced to release an out-of-schedule emergency security patch to its users, after a zero-day vulnerability was discovered to affect Adobe Flash Player. Users are being urged by Adobe to update to version 30.0.0.113 of Flash Player, which contains mitigations for the zero-day as well as addressing three other flaws. This latest flaw was discovered already being used in the wild to attack Windows users, and doesn’t exploit browsers like typical Flash exploits – instead, it works through Microsoft Office documents which it utilises to download and execute malicious code.


Most Flash exploits take advantage of web browsers, however this zero-day utilises Office documents and is usually received through phishing emails

Read more

Shane Chambers No Comments

University of Greenwich Ordered to Pay £120,000 After Data Leak

In one of the last data breach fines to be handed down in a pre-GDPR Europe, the University of Greenwich has been ordered to pay a £120,000 fine to the Information Commissioner’s Office. The breach in question stemmed from a micro-website set up by students in 2004, and ultimately resulted in the details of 20,000 staff members and students being leaked online.


The University of Greenwich, in London, has accepted that it was responsible for the incident, and intends to pay the fine immediately.

Read more