At a glance.
- Amazon sacks leaker.
- Winston Privacy patches.
- Pandemic heightens privacy worries.
Employee fired over Amazon data leak.
IT Pro reports online retail giant Amazon has suffered a customer data leak in which an employee passed customer email addresses on to an unidentified external party. Though Amazon did send a general notification about the incident to customers, it seems the vague nature of the message has done more to worry customers than to alleviate their fears. Amazon did disclose that they have terminated the employee and notified law enforcement, but they have not confirmed how many customers were affected or exactly where the data was leaked. ProPrivacy digital expert Jo O’Reilly told IT Pro “...more transparency with the consumers impacted and what this means for their online privacy is now needed.”
Winston Privacy device vulnerable to remote attacks.
Cybersecurity hardware company Winston Privacy designs an alternative to traditional VPNs that promises to defend users’ privacy by blocking online surveillance. However, it appears Winston’s device might have had difficulty defending itself, reports Security Week. Nine vulnerabilities, many considered critical or highly severe, were discovered in Winston’s product after analysis by Chris Davis, a consultant at offensive security testing firm Bishop Fox, and independent researcher Justin Paglierani. Bishop explained that by luring the user to a malicious website, an attacker could use these vulnerabilities to infiltrate the device remotely. Depending on the configuration, the security flaws could allow a threat actor to bypass firewalls and penetrate the user’s network, or give him access to any data traveling through the device. Since learning about the security issues in July, Winston began working on solutions almost immediately, and patches have been released to customer devices automatically through firmware updates.
Pandemic breeds a virus of privacy concerns.
After conducting a recent survey of one thousand Americans, cell phone comparison service WhistleOut says 80% of Americans think tech giants like Facebook or Google are spying on their conversations, despite all evidence to the contrary, Forbes reports. WhistleOut researcher Madeleine Peterson theorizes the reason for this distrust could be the surge in recent cybersecurity scandals and attacks, especially with the pandemic and the 2020 presidential election being influenced by digital misinformation. Indeed, founder of private search engine Startpage Robert E.G. Beens feels the real game changer has been the pandemic. Stay-at-home policies have forced even more of our interactions online, including work, and without the constant buffer of an office IT admin, work privacy issues feel more tangible. Users have expressed concerns about sharing personal data with COVID-19 contact-tracing apps, and virtual schooling poses added privacy risks to our least privacy-literate constituents: children. Increased awareness of privacy issues could lead to Americans taking the reins on protecting their digital lives by advocating for privacy tools and legislation.