In Case You Missed It: 6 Top Stories of Last Week

An unprotected Elasticsearch server exposed more than 24 million financial and banking documents online. According to the security researcher Bob Diachenko and online publisher TechCrunch, the exposed server contained highly sensitive data of thousands of individuals who took mortgages over the past decade with the U.S. banks and other financial institutions.

Bob Diachenko stated that he identified the unprotected server on January 10, 2019, which contained 24,349,524 credit and mortgages reports in 51 GB size. The server was taken offline and the data was secured on January 15, 2019, after Diachenko reported the incident to the server’s vendor.

Read More

A bug in the Amadeus online ticket booking system exposed passengers’ private data, allowing potential attackers to view and change information. According to the security researcher Noam Rotem at Safety Detective research labs, the security flaw could let anyone manipulate someone’s ticket reservation for any airline which has used the Amadeus reservation system.

Amadeus is one of the largest reservation systems that serves around 141 airlines including customers of British Airways, Air France, Icelandair, United Airlines, Lufthansa, Air Canada, and Qantas. The company provides searching, pricing, booking, ticketing, and other processing services to international travelers and travel agencies.

Read more

Global cybersecurity hub Plexal recently announced partnerships with the Global Cyber Alliance (GCA), City of New York, and the New York Economic Development Corporation. The East London-based co-working space and innovation center stated the new partnerships will help the cybersecurity companies under its umbrella to scale globally.

Plexal claims that it provides consultation and demo opportunities for cybersecurity startups through its hub in East London. Plexal also delivers LORCA, a cybersecurity program backed by United Kingdom government, through its cybersecurity innovation hub.

Read more

BlackRock, an investment management company, recently revealed that it suffered a data breach that exposed personal information of around 20,000 of its financial advisers, including 12,000 members in the U.S. independent broker-dealer LPL Financial. The American based corporation stated that the exposed information included names, email addresses, and other sensitive information. BlackRock is a global investment management corporation based in New York City. The company provides various asset, financial and risk management services to customers.

LPL Financial stated it informed its advisers that BlackRock posted details about some of them on its website. It said that data leak affected the advisers who do business with BlackRock’s iShares exchange-traded funds unit.

Read more

PRNewswire: ERP Maestro, provider of automated and cloud-based controls for access, security and GRC, recently released The Inevitability of Cybercrime, results from a December 2018 survey examining the relationship Americans have with cybercrime and identity theft. The responses revealed that 76 percent of Americans believe they will inevitably become a victim of cybercrime, while 68 percent of cybercrime victims don’t believe they could have prevented the crime from happening.

A cybersecurity research group from the King’s College London notified the UK government to name and shame the companies that fail to protect consumers’ valuable data.

In its latest report dubbed UK Active Cyber Defence: A public good for the private sector, the research team urged the government to publish the details of companies that are not taking necessary steps to keep users’ data safe online. It opined that this would encourage companies to improve their cybersecurity posture and help prevent cybercrimes. The cybersecurity research group of the King’s College promotes research into cybersecurity and works to solve societal challenges.

Read more