Information security analytics

Pawning and remittance firm Cebuana Lhuillier on Saturday admitted that its servers have been breached, which may have compromised personal data of around 900,000 clients, the portal GMA News Online reports. In a notice sent to its customers through email, the company's data privacy officer informed clients of the incident.

Researchers have disclosed the existence of a server exposed to the public which not only contained terabytes of confidential government data but information relating to FBI investigations, the website ZDNet reports. According to UpGuard cybersecurity researchers Greg Pollock and Chris Vickery, the open storage server belonged to the Oklahoma Department of Securities (ODS), a US government department which deals with securities cases and complaints.

Politicians inevitably access restricted information, such as state secrets, election campaign plans, personal data of party members, and other information that can be leaked as a result of various incidents. This is a digest of recent data leaks from executive and legislative bodies and political organizations, prepared by InfoWatch Analytical Center.

Even though fingerprints, iris images, voice prints, and other biometric data are used more and more for system user authentication and customer service as very convenient and accurate recognition methods, they do not ensure 100% information security. This is a digest of recent biometric data leaks and incidents of bypassing relevant security systems, prepared by InfoWatch Analytical Center.

A soldier allegedly caught passing information to operatives of Pakistan spy agency ISI after being honey-trapped on social media, has been arrested, the Army confirmed today. He was produced in court and will be interrogated by intelligence officials. Sources, however said, the information is unlikely to be sensitive since he is too junior to have access to it, the website ndtv.com reports.

Singapore's privacy watchdog has meted out its largest fine of S$750,000 to Integrated Health Information Systems (IHiS) for lapses in securing patient data which resulted in the nation's worst data breach, The Business Times reports. The cyber attack on SingHealth in June 2018 compromised the personal information of 1.5 million patients, including Prime Minister Lee Hsien Loong.

A security researcher has stumbled over an unsecured MongoDB database server that contained highly detailed CVs for over 202 million Chinese users. Data appears to have originated from a data scraping app that collected resumes from Chinese job portals, the portal ZDNet reports. Who owned the database is still a mystery, said Bob Diachenko, Director of Cyber Risk Research at Hacken Proof, the one who found the server's data left exposed online.

43 State Attorneys General and the District of Columbia announced yesterday a settlement with Neiman Marcus Group LLC resolving the states’ investigation into the company’s 2013 data breach and its security practices, The Ad Law Access reports.

Taiwan is investigating six current and former employees of BASF’s local operations suspected of leaking corporate secrets to a rival Chinese company, according to The Epoch Times. Five employees were detained and one had been granted bail by a court, Lu Sung Hao, Taipei-based director of Taiwan’s Crime Investigation Bureau, told Reuters. The prosecution has not filed any charges against them.

German authorities say a 20-year-old, acting alone, was behind a huge leak of personal data concerning leading politicians and celebrities. The man has confessed, but questions remain about German cyber security, The Deutsche Welle reports.