At a glance.
- Drop in online shopping could be connected to lack of customer trust.
- Australian student data potentially exposed in data breach.
- Cop27 summit app could be used as surveillance tool.
- The latest on the Medibank data breach.
Drop in online shopping could be connected to lack of customer trust.
With online shopping showing a recent decline, cybersecurity and content delivery network firm Akamai partnered with YouGov to conduct a survey on consumers’ feelings about shopping on the web. After surveying around two thousand online shoppers in the UK, they found that 59% would stop shopping at a retailer if it fell victim to cyberattack, and about half of respondents said they don’t trust online retailers to keep their personal information safe. The distrust is not surprising given that 64% of online shoppers said they’d suffered a cyberattack attempt in the past year, and Akamai’s “Web Application and API Threat Report” found that web application and API attacks increased by a whopping 301% between July 2021 and July 2022. Richard Meeus, Akamai’s director of security technology and strategy in EMEA at Akamai told the Fintech Times, “With cyberattacks on the rise, it is more important than ever for retailers to ensure their customers feel safe and secure while shopping online. At this time of economic uncertainty, many retailers will be tempted to cut budgets. This research shows that cybersecurity is one area where they cannot afford to cut corners.”
Australian student data potentially exposed in data breach.
The breach of Australian tech company PNORS Technology Group may have resulted in the exposure of data belonging to students located in the state of Victoria, the Sunday Age reports. PNORS works with six state departments including Education and Training, and it appears that information from the Victorian school entrance health questionnaire was included in the breached data. The questionnaire collects sensitive information like demographics, developmental and behavioral issues, and family alcohol or drug problems. The Department of Education has neither confirmed nor denied that the data was compromised, and the Department of Premier and Cabinet would only disclose that the government is aware of the incident and is working with PNORS to determine the full scope of the breach. “If it is determined that Victorian Government data has been exposed as a result of this breach, departments will notify impacted individuals and provide advice on steps they can take to minimise any risk,” the spokesman said. PNORS chief executive Paul Gallo stated that the company initially thought only encrypted systems had been compromised. “However, overnight the criminals behind the cyberattack released to the company in a private communication a sample of what is believed to be stolen data,” Gallo said. Meanwhile, Ormond independent school Kilvington Grammar School has already notified families that school data were breached and some personal information published.
Cop27 summit app could be used as surveillance tool.
As over 25,000 government officials, journalists, and activists from around the world gathered at the Cop27 climate talks being held in Sharm el-Sheikh, Egypt this weekend, some worry that the Egyptian government could use the summit’s official app to monitor and censor attendees. The Cop27 app requires users to agree to a host of permissions, including allowing Egypt’s ministry of communications and information technology to view emails and photos and track users’ locations. In the days before the UN summit, Egypt’s authoritarian government carried out mass arrests of people accused of being dissenters, and there are concerns the app could be used by Abdel Fatah al-Sisi’s regime to suss out opposition at the talks. Gennie Gebhart, advocacy director at the Electronic Frontier Foundation, told the Guardian, “This is a cartoon super-villain of an app. The biggest red flag is the number of permissions required, which is unnecessary for the operation of the app and suggests they are trying to surveil attendees.” Amnesty International’s Hussein Baoumi said the organization's tech experts had analyzed the app and found that it was able to access a user’s camera, microphone, Bluetooth, and location data and even pair two different apps. Baoumi added, “It collects data and sends them to two servers, including one in Egypt.” Due in part to the Egyptian government’s fears surrounding digital communications after the popular uprising of 2011, officials have established a highly sophisticated surveillance system to monitor citizens’ communications, and with the large number of high-profile attendees at the summit, it would be an attractive target for officials looking to keep tabs on participants. The Cop presidency and the Egyptian ministry of foreign affairs were approached for comment but have not yet responded.
The latest on the Medibank data breach.
In continued coverage of the recent data breach of Australian insurance provider Medibank, the total number of individuals impacted in the incident has risen to approximately 9.7 million former and current customers. As ABC Australia details, this number includes 5.1 million Medibank customers, 2.8 million ahm customers and 1.9 million international customers. Depending on which of these categories the victim falls into, the data exposed includes names, dates of birth, street addresses, contact information, health claims data, passport details, and visa information. The company says it will contact customers individually to explain what data it believes was accessed and provide guidance on how to respond. Bloomberg Law notes that the hackers did contact Medibank to request a ransom for the return of the data, but the company refused to give in. Medibank CEO David Koczkar explained to ABC Australia why the company decided not to meet the cybercriminals’ demands. “You just can’t trust a criminal,” Koczkar stated, adding that the company heeded the advice of cybercrime experts who have found that giving in to such demands is no guarantee that the data will be secured and often leads to further exposure.