Heena Sharma Blog

  US telecommunications giant T-Mobile has suffered a security breach that may have exposed call records and phone numbers for some of its customers. According to T-Mobile, the data breach did not expose account holders' names, physical addresses, email addresses, financial data, credit card information, social security numbers, tax IDs, passwords or PINs. First reported by Bleeping Computer, T-Mobile said the breach exposed customers' proprietary network information (CPNI), including phone numbers and call records. "Customer proprietary network information (CPNI) as defined by the Federal Communications Commission (FCC) rules was accessed," the company said in a security update. "The CPNI accessed may have included phone number, number of lines subscribed to on your account and, in some cases, call-related information collected as part of the normal operation of your wireless service", it added. Read More

A recent Federal Trade Commission (FTC) order holding US-based Cambridge Analytica guilty of “deceptive practices to harvest personal information from tens of millions of Facebook users for voter profiling and targeting” has shed new light on the business of psychological profiling aimed at predicting voter behavior. The Commission’s order spells in great detail the technicalities, business and potential impact of voter-profiling on election results. How did the Cambridge Analytica model work? The now-bankrupt firm’s chief Alexander Nix primarily relied on new research that was done in the University of Cambridge that used Facebook profile information to predict an individual’s personality according to the OCEAN scale. The OCEAN scale is also known as the five big personality traits measure an individual’s personality on five counts - openness, conscientiousness, extraversion, agreeableness, and neuroticism. Researchers had developed an algorithm that used an individual’s F...

Senior government officials in multiple US-allied countries were targeted earlier this year with hacking software that used Facebook-owned instant messaging app WhatsApp to take over users' phones, according to people familiar with the messaging company's investigation. Sources familiar with WhatsApp’s internal investigation into the breach said a “significant” portion of the known victims were high-profile government and military officials spread across at least 20 countries in five continents. The hacking of a wider group of top government officials' smartphones than previously reported suggests the WhatsApp cyber intrusion could have broad political and diplomatic consequences. WhatsApp filed a lawsuit on Tuesday against Israeli hacking tool developer NSO Group. The Facebook-owned software giant alleges that NSO Group built and sold a hacking platform that exploited a flaw in WhatsApp-owned servers to help clients hack into the cellphones of at least 1,400 us...

It’s tempting to give up on data security altogether, with all the billions of pieces of personal data – Social Security numbers, credit cards, home addresses, phone numbers, passwords and much more – breached and stolen in recent years. But that’s not realistic – nor is the idea of going offline entirely. In any case, huge data-collection corporations vacuum up data about almost every American without their knowledge. As cybersecurity researchers, we offer good news to brighten this bleak picture. There are some simple ways to protect your personal data that can still be effective, though they involve changing how you think about your own information security. The main thing is to assume that you are a target. Though most individual people aren’t specifically being watched, software that mines massive troves of data – enhanced by artificial intelligence – can target vast numbers of people almost as easily as any one person. Think defensively about how you can protect yours...

About 100 million users of Quora were affected by unauthorized access to one of its systems by a "malicious third party," the knowledge-sharing website said on Monday. Account information, including name, email address, encrypted password and data imported from linked networks when authorized by users may have been compromised, it said. The company said it is logging out all Quora users who may have been affected to prevent further damage. "We are in the process of notifying users whose data has been compromised," Quora CEO Adam D'Angelo said in a blog post. The breach, discovered on Friday, did not affect question and answers that are written anonymously, the company said, adding that it has also notified law enforcement officials. "We have retained a leading digital forensics and security firm to assist us," it said. Read More Business Standard