Nepo vamwe vanga vachinakidzwa nezororo ravo rezhizha, vamwe vainakidzwa nekutora kwavo data rakavanzika. Cloud4Y yakagadzirira pfupiso yezvesensational data inodonha zhizha rino.
Chikumi
1.
Zvinopfuura zviuru mazana mana emakero eemail uye zviuru zana nemakumi matanhatu nhamba dzenhare, pamwe ne400 login-password pairs yekuwana maakaundi ega evatengi vekambani hombe yekutakura Fesco yaive munharaunda yeruzhinji. Panogona kunge paine data shoma chaiyo, nekuti... zvinyorwa zvinogona kudzokororwa.
Logins uye mapassword anoshanda, anobvumidza iwe kuti uwane ruzivo rwakakwana nezvekufambisa kunoitwa nekambani kune mumwe mutengi, kusanganisira zvitupa zvebasa rakapedzwa uye scans emainvoice ane zvitambi.
Iyo data yakaitwa pachena kuburikidza nematanda akasiiwa neCyberLines software inoshandiswa naFesco. Kuwedzera kune logins uye mapassword, matanda zvakare ane ega data yevamiriri veFesco vatengi makambani: mazita, nhamba dzepasipoti, nhamba dzenhare.
2.
Musi waChikumi 9, 2019, yakazozivikanwa nezve data rekudonha kwevatengi zviuru mazana mapfumbamwe emabhangi eRussia. Passport data, nhamba dzenhare, nzvimbo dzekugara uye basa revagari veRussian Federation zvakaiswa pachena. Vatengi veAlfa Bank, OTP Bank neHKF Bank vakabatwa, pamwe nevashandi vangangosvika mazana mashanu veBazi rezvemukati menyika nevanhu makumi mana kubva kuFSB.
Nyanzvi dzakawana dhatabhesi mbiri dzevatengi veAlfa Bank: imwe ine data pane vanopfuura zviuru makumi mashanu neshanu vatengi kubva 55-2014, yechipiri ine 2015 marekodhi kubva 504-2018. Yechipiri dhatabhesi ine zvakare data pane account chiyero, inogumira kune huwandu hwe2019-130 zviuru rubles.
Chikunguru
Zvinoita sekuti vanhu vazhinji vaive pazororo muna Chikunguru, saka kwaingova neruzevha rumwe chete rwaionekwa mwedzi wese. Asi chii!
3.
Pakupera kwemwedzi, yakasvika pakuzivikanwa nezvehukuru hwe data reak yevatengi vebhangi. Mari inobata Capital One yakatambura, ichifungidzira kukanganisa kwa $ 100-150 miriyoni.Nekuda kwekubira, vapambi vakawana data ye100 miriyoni Capital One vatengi muUS uye 6 miriyoni muCanada. Ruzivo rwekukumbira makadhi echikwereti uye data yevaridzi vemakadhi varipo zvakakanganiswa.
Iyo kambani inotaura kuti data yekadhi rechikwereti pachayo (nhamba, CCV makodhi, nezvimwewo) yakaramba yakachengeteka, asi 140 zviuru nhamba dzekuchengetedzwa kwevanhu uye 80 zviuru zvebhangi account zvakabiwa. Pamusoro pezvo, ma scammers akawana nhoroondo dzechikwereti, zvirevo, kero, mazuva ekuzvarwa uye mihoro yevatengi vesangano rezvemari.
MuCanada, nhamba dzinoda kusvika miriyoni dzekuchengetedzwa kwevanhu dzakakanganiswa. Iwo matsotsi akawanawo data pamakadhi ekutengeserana akapararira kwemazuva makumi maviri nematatu e23, 2016 uye 2017.
Capital One yakaita ongororo yemukati uye ikataura kuti ruzivo rwakabiwa harugone kunge rwakashandiswa kuita zvehutsotsi. Hameno kuti raishandiswa maani ipapo?
August
Takazorora muna July, takadzokera muna August nesimba rakawedzerwa. Saka.
Zvakawanda zvakatotaurwa pamusoro pekuchengetedza biometrics uye hezvino taenda zvakare ...
4.
Pakati paNyamavhuvhu 2019, kuvuza kweanopfuura miriyoni zvigunwe zvemunwe uye imwe data inonzwisisika yakawanikwa. Vashandi vekambani iyi vanoti vakawana ruzivo rwebiometric data kubva kuBiostar 2 software.
Biostar 2 inoshandiswa nezviuru zvemakambani pasi rese, kusanganisira Mapurisa eLondon, kudzora kupinda kwenzvimbo dzakachengeteka. Suprema, mugadziri weBiostar 2, anoti iri kutoshanda pakugadzirisa dambudziko iri. Vatsvagiri vanocherekedza kuti pamwe chete nemarekodhi eminwe, vakawana mafoto evanhu, data rekuzivikanwa kumeso, mazita, kero, mapassword, nhoroondo yebasa uye zvinyorwa zvekushanya kunzvimbo dzakachengetedzwa. Vazhinji vakakuvadzwa vari kunetsekana kuti Suprema haina kuburitsa mukana wekutyora data kuitira kuti vatengi vayo vatore matanho pasi.
Pakazara, 23 gigabytes yedata ine angangoita mamirioni makumi matatu marekodhi akawanikwa pane network. Vatsvagiri vanocherekedza kuti ruzivo rwebiometric harugone kuva chakavanzika mushure mekudonha kwakadaro. Pakati pemakambani ane data rakaburitswa aisanganisira Power World Gyms, gym muIndia neSri Lanka (30 mushandisi zvinyorwa zvinosanganisira zvigunwe), Global Village, mutambo wepagore muUAE (113 zvigunwe zvigunwe), Adecco Staffing, kambani yeBelgian inopinza vanhu basa (796). zvigunwe). Kudonha kwacho kwakabata vashandisi veBritish nemakambani zvakanyanya - mamirioni emarekodhi emunhu aiwanikwa pachena.
Payment system Mastercard yakazivisa zviri pamutemo vatongi veBelgian neGerman kuti muna Nyamavhuvhu 19 kambani yakanyora kuburitswa kwedata kwe "nhamba huru" yevatengi, "chikamu chakakosha" vagari veGerman. Iyo kambani yakaratidza kuti yakanga yatora matanho anodiwa uye yakadzima data rese revatengi raive rabuda paInternet. Maererano ne Mastercard, chiitiko chacho chine chokuita nepurogiramu yekuvimbika yekambani yechitatu yeGermany.
5.
Ukuwo vekwedu havanawo hope. Sezvavanotaura: "Ndinokutendai kuRussia Railways, asi kwete."
Leak yedata yevashandi veRussia Railways, iyo , yakava yechipiri pakukura muRussia muna 2019. Nhamba dzeSNILS, kero, nhamba dzenhare, mapikicha, mazita akazara uye zvinzvimbo zvevashandi ve703 zviuru zveRussia Railways kubva ku730 zviuru zvakaitwa pachena.
Russian Railways iri kutarisa kuburitswa uye kugadzirira kukwidza kumatare edzimhosva. Iyo yega data yevafambi haina kubiwa, kambani inovimbisa.
6.
Uye nezuro chaiye, Imperva yakazivisa kuburitswa kweruzivo rwakavanzika kubva kune akati wandei evatengi vayo. Chiitiko ichi chakabata vashandisi veImperva Cloud Web Application Firewall CDN service, yaimbozivikanwa seIncapsula. Sekureva kwakabudiswa pawebhusaiti yeImperva, kambani iyi yakaziva nezvechiitiko ichi musi wa20 Nyamavhuvhu gore rino mushure mekuburitswa kwedata kune vakati wandei vevatengi vaive nemaakaundi mubasa iri pamberi paGunyana 15, 2017.
Ruzivo rwakakanganiswa rwaisanganisira email kero uye password hashes yevashandisi vakanyoresa pamberi paGunyana 15, 2017, pamwe nemakiyi eAPI uye zvitupa zveSSL zvevamwe vatengi. Iyo kambani haina kuburitsa ruzivo nezve kuti chaizvo kuburitswa kwedata kwakaitika sei. Vashandisi veiyo Cloud WAF sevhisi vanokurudzirwa kushandura mapassword kumaakaundi avo, kugonesa mbiri-chinhu chechokwadi uye kushandisa imwe chete kusaina-on meshini (Single Sign-On), pamwe nekudhawunirodha zvitupa zvitsva zveSSL uye kusetazve makiyi eAPI.
Pakuunganidza ruzivo rwemuunganidzwa uyu, imwe pfungwa yakabuda nekusazvidira: mangani mavuza anoshamisa achatiunzira matsutso?
Ndezvipi zvimwe zvaungaverenga pane blog?
→
→
→
→
→
Nyorera kune yedu -chiteshi kuti usapotsa chinyorwa chinotevera! Isu tinonyora kwete kanopfuura kaviri pavhiki uye chete pabhizinesi.
Source: www.habr.com