A mobile provider is hacked, customer records are breached, and the authorities suspect it was an inside job, we’ll share the details.
Then we’ll discuss the NSA induced crisis of trust we now collectively share, plus your questions, our answers, and much much more!
On this week’s TechSNAP!
Thanks to:
Direct Download:HD Video | Mobile Video | MP3 Audio | Ogg Audio | YouTube | HD Torrent | Mobile Torrent RSS Feeds:HD Video Feed | Mobile Video Feed | MP3 Audio Feed | Ogg Audio Feed | iTunes Feeds | Torrent Feed |
— Show Notes: —
Vodafone Germany breached, possibly by insiders
- The internal servers of Vodafone Germany were compromised, and data for over 2 million customers was stolen
- The breach only disclosed information on German customers, who will be notified by mail
- The way the attackers managed to compromise the servers suggest they had help from an insider
- Vodafone turned their evidence over to German police, “An individual has been identified by the police and their assets have been seized.”
- Compromised data:
- customer names
- address
- gender
- birth date
- bank account numbers and bank sort codes
- Other data including phone numbers, credit card numbers and passwords are currently thought to be safe. “No personal call information or browsing data was accessed by the attacker”
- The attack was originally discovered on September 5th, however Police asked the company to withhold the notification while they executed their investigation and made arrests and seizures
- “German news agency DPA reported that the suspect had worked for a contractor of the company and was not a Vodafone employee”
- Additional Coverage
- Vodafone is advising customers to be on the lookout for targeted Phishing scams that might use the personal information gained from this attack to make successful attacks against the victims and their banking and credit card accounts
- eu data breach notification law
Trust
- to believe that someone is good and honest and will not harm you, or that something is safe and reliable
- Bruce Schneier – Trust in Man/Machine Security Systems
- Colin Percival – Don\’t trust me: I might be a spook
- Kevin Mitnick – Use a VPN
- Bruce Schneier – The US Government Has Betrayed the Internet. We Need to Take It Back
- TechRepublic – Escaping the dragnet of surveillance
- Kurt Roeckx – State of encryption
- Bruce Schneier – How Advanced Is the NSA\’s Cryptanalysis—And Can We Resist It?
- The Guardian – How to foil NSA sabotage: use a dead man\’s switch
- Matthew Green – On the NSA
- BoingBoing – Firsthand account of NSA sabotage of Internet security standards
- BBC – \’Money reduces trust\’ in small groups, study shows – Bruce Schneier – The Effect of Money on Trust
- Ed Felton – NSA Apparently Undermining Standards, Security, Confidence
- Bruce Schneier – Americans Must Sacrifice Some Security to Reform the NSA
You can buy a 2 letter domain name like IG.com sells for $4.7 million – Or you can buy your .com from GoDaddy for $1.99
Feedback
Round Up:
- NSA surveillance: how to stay secure | Bruce Schneier
- ISC looking for help tracking a new adaptive botnet, possibly related to Blackhole malware toolkit
- LastPass : The last password you\’ll have to remember: LastPass and the NSA Controversy
- Intel announces new Atom Z3000 series
- Google’s plan to make it harder for the NSA to spy on users
- Seagate announces new ‘Shingled Magnetic Recording’, layers tracks on top of each other to increase bit density.
- Researchers find flaws in the installation mechanism of of the GameHouse platform
- New paper details keylogged that stealthily runs on your GPU
- Google, Yahoo and Facebook ammend requests to publish transparency reports
- The challenges of running a PriateBay Proxy to defeat Censorship
- New zeroday exploit for USB internet modem puts millions of PCs at risk