Yayin da wasu ke jin daɗin hutun bazara, wasu suna jin daɗin ɗaukar bayanai masu mahimmanci. Cloud4Y ya shirya taƙaitaccen bayyani na leken asirin abubuwan da ke faruwa a lokacin bazara.
Yuni
1.
Fiye da adiresoshin imel 400 da lambobin tarho dubu 160, da kuma nau'ikan kalmar sirri guda 1200 don shiga cikin asusun abokan ciniki na babban kamfanin sufuri na Fesco suna cikin yankin jama'a. Wataƙila akwai ƙarancin bayanan gaske, saboda... Ana iya maimaita shigarwar.
Shiga da kalmomin shiga suna aiki, suna ba ku damar samun cikakken bayani game da sufuri da kamfani ke yi don takamaiman abokin ciniki, gami da takaddun shaida na kammala aikin da sikanin daftari tare da tambari.
An samar da bayanan a bainar jama'a ta hanyar rajistan ayyukan da manhajar CyberLines ta bar ta Fesco. Baya ga shiga da kalmomin shiga, rajistan ayyukan sun ƙunshi bayanan sirri na wakilan kamfanonin abokin ciniki na Fesco: sunaye, lambobin fasfo, lambobin tarho.
2.
A ranar 9 ga Yuni, 2019, ya zama sananne game da kwararar bayanan abokan ciniki dubu 900 na bankunan Rasha. Bayanan fasfo, lambobin tarho, wuraren zama da aikin 'yan ƙasa na Tarayyar Rasha an gabatar da su a bainar jama'a. Abokan huldar bankin Alfa da bankin OTP da bankin HKF da kuma ma’aikatan ma’aikatar harkokin cikin gida kusan 500 da kuma mutane 40 daga FSB ne abin ya shafa.
Masana sun gano bayanai guda biyu na abokan huldar bankin Alfa: daya ya kunshi bayanai kan abokan hulda fiye da dubu 55 daga shekarar 2014-2015, na biyu ya kunshi bayanai 504 daga shekarar 2018-2019. Har ila yau, bayanan na biyu ya ƙunshi bayanai akan ma'auni na asusun, iyakance ga kewayon 130-160 dubu rubles.
Yuli
Ya bayyana cewa yawancin mutane suna hutu a watan Yuli, don haka akwai ɗigo ɗaya kawai a duk wata. Amma me!
3.
A ƙarshen wata, ya zama sananne game da mafi girman leɓar bayanan abokan ciniki na banki. Babban bankin da ke rike da kudi ya sha wahala, inda aka yi kiyasin barnar da aka yi a kan dala miliyan 100-150. A sakamakon kutsen, maharan sun samu damar yin amfani da bayanan abokan hulda na Capital One miliyan 100 a Amurka da miliyan 6 a Canada. Bayanai daga aikace-aikacen katunan kuɗi da bayanan masu riƙe katin sun lalace.
Kamfanin ya yi iƙirarin cewa bayanan katin kuɗi da kansa (lambobi, lambobin CCV, da dai sauransu) sun kasance lafiya, amma an sace lambobin tsaro dubu 140 da asusun banki 80 dubu XNUMX. Bugu da ƙari, masu zamba sun sami tarihin bashi, bayanai, adireshi, kwanakin haihuwa da albashi na abokan ciniki na ma'aikatar kudi.
A Kanada, kusan lambobi miliyan ɗaya sun lalace. Masu satar bayanan sun kuma samu bayanai kan hada-hadar kati da aka warwatse cikin kwanaki 23 na 2016, 2017 da 2018.
Capital One ta gudanar da wani bincike na cikin gida inda ta bayyana cewa da wuya a yi amfani da bayanan da aka sace don yin magudi. Ina mamakin wanne ne aka yi amfani da shi a lokacin?
Agusta
Bayan mun huta a watan Yuli, mun dawo a watan Agusta tare da sabon kuzari. Don haka.
An riga an faɗi abubuwa da yawa game da adana kayan aikin biometric kuma a nan za mu sake komawa...
4.
A tsakiyar watan Agustan 2019, an gano zubewar sawun yatsu sama da miliyan guda da wasu mahimman bayanai. Ma'aikatan kamfanin sun yi iƙirarin cewa sun sami damar yin amfani da bayanan biometric daga software na Biostar 2.
Biostar 2 yana amfani da dubban kamfanoni a duniya, ciki har da 'yan sandan London, don sarrafa damar shiga shafukan yanar gizo. Suprema, mai haɓaka Biostar 2, ya yi iƙirarin cewa ya rigaya yana aiki kan mafita ga wannan matsalar. Masu binciken sun lura cewa tare da bayanan yatsa, sun sami hotunan mutane, bayanan gane fuska, sunaye, adireshi, kalmomin shiga, tarihin aiki da bayanan ziyartan wuraren da aka kariya. Yawancin wadanda abin ya shafa sun damu cewa Suprema bai bayyana yuwuwar keta bayanan ba don haka abokan cinikinta za su iya daukar mataki a kasa.
Gabaɗaya, an gano gigabytes 23 na bayanai masu ɗauke da bayanai kusan miliyan 30 akan hanyar sadarwar. Masu binciken sun lura cewa bayanan biometric ba za su taɓa zama sirri ba bayan irin wannan zubewar. Daga cikin kamfanonin da aka fallasa bayanansu sun hada da Power World Gyms, dakin motsa jiki a Indiya da Sri Lanka (rakodin masu amfani da 113 ciki har da alamun yatsa), Global Village, bikin shekara-shekara a UAE (hanyoyin yatsan hannu 796), Adecco Staffing, wani kamfani na daukar ma'aikata na Belgium (15). yatsun hannu). Ledar ta shafi masu amfani da kamfanoni da kamfanoni na Biritaniya - miliyoyin bayanan sirri suna samuwa kyauta.
Tsarin biyan kuɗi Mastercard bisa hukuma ya sanar da hukumomin Belgian da na Jamus cewa a ranar 19 ga Agusta kamfanin ya yi rikodin ɗigon bayanai na "yawan adadin" abokan ciniki, "babban ɓangaren" 'yan ƙasar Jamus ne. Kamfanin ya nuna cewa ya dauki matakan da suka dace tare da goge duk bayanan abokan cinikin da suka bayyana a Intanet. A cewar Mastercard, lamarin yana da alaka da shirin aminci na wani kamfani na Jamus.
5.
A halin yanzu, ’yan uwanmu ma ba su yi barci ba. Kamar yadda suke cewa: "Na gode wa Railways na Rasha, amma a'a."
Leak na bayanai na ma'aikata na Rasha Railways, wanda , ya zama na biyu mafi girma a Rasha a cikin 2019. Lambobin SNILS, adireshi, lambobin tarho, hotuna, cikakkun sunaye da mukamai na ma'aikatan Railways na Rasha dubu 703 daga cikin dubu 730 sun fito fili.
Layin dogo na Rasha yana duba littafin kuma yana shirya roko ga hukumomin tilasta bin doka. Ba a sace bayanan fasinjojin ba, kamfanin ya tabbatar.
6.
Kuma a jiya, Imperva ya ba da sanarwar fitar da bayanan sirri daga adadin abokan cinikinsa. Lamarin ya shafi masu amfani da sabis na Imperva Cloud Web Application Firewall CDN, wanda aka fi sani da Incapsula. Bisa labarin da aka wallafa a shafin intanet na Imperva, kamfanin ya samu labarin faruwar lamarin ne a ranar 20 ga watan Agustan wannan shekara, bayan da wani rahoto ya nuna cewa wasu abokan huldar da ke da asusu a cikin ma'aikatar, kafin ranar 15 ga Satumba, 2017.
Bayanan da aka lalata sun haɗa da adiresoshin imel da hashes na kalmar sirri na masu amfani da suka yi rajista kafin Satumba 15, 2017, da maɓallan API da takaddun shaida na SSL na wasu abokan ciniki. Kamfanin bai bayyana cikakken bayani game da ainihin yadda yabo bayanan ya faru ba. Ana ba masu amfani da sabis na WAF na Cloud su canza kalmomin shiga don asusunsu, ba da damar tantance abubuwa biyu da aiwatar da tsarin sa hannu guda ɗaya (Sign-On Single), da kuma zazzage sabbin takaddun shaida na SSL da sake saita maɓallan API.
Lokacin tattara bayanai don wannan tarin, tunani ya bayyana ba da gangan ba: nawa leaks masu ban mamaki da kaka za su kawo mana?
Me kuma za ku iya karantawa akan blog?
→
→
→
→
→
Kuyi subscribing din mu - tashar, don kada ku rasa labarin na gaba! Ba mu rubuta fiye da sau biyu a mako ba kuma akan kasuwanci kawai.
source: www.habr.com