Dating App Leaves Personal Data Exposed

In the News 

Another dating app is suffering from a data mishap. In Jewish dating app JCrush exposed user data and private messages, Zack Whittaker at Tech Crunch discusses how user account information, as well as personal messages between users, were stored without encryption at the dating site JCrush. However, Whittaker explains that the company is not aware of any malicious attacker accessing the exposed information. 

Our Take 

As with any social media, messaging, or dating service, the reality of privacy is a point of contention in our current society. While many of these apps and accounts claim to prioritize user privacy and data security, we have seen time and time again that data breaches, exposures, and misuse are rampant. To keep information about yourself and your private conversation private, remember that your privacy is in your own hands. Selectively choosing how much information you input into an account profile, refraining from adding financial payment information into all of your accounts, and being mindful of the fact that your data will be stored along with the data of thousands of others can help ensure that if a platform you use suffers a data exposure, you are only minimally impacted. 

Recommendations 

How can you maintain your privacy on messaging and dating apps? 

  • Understand the risks of putting your personal information into the world, and only share what you have to   
  • Use safe password practices, and take advantage of Multi-factor Authentication where possible  
  • Refrain from sharing highly sensitive information through messaging apps or over the phone  
  • Save copies of important conservations on an external hard drive or other storage method 

Apple ID Login for Third-Party Services

In the News 

Apple continues to take measures to enhance user privacy. In Apple will soon require apps with any third-party logins to offer Sign In With Apple also, Brian Heater and Mathew Panzarino at TechCrunch discuss how Apple is requiring all third-parties with log-in ties to Facebook and Google to provide users with an Apple ID login. Heater and Panzarino explain that this new requirement will give Apple customers greater privacy when creating accounts and minimize the amount of additional information they have to share with new companies.  

Our Take 

User privacy is a critical priority of Apple at this time. The company seems to be introducing more and more features that tackle the issue of data security and transparency in their practices. While offering the option to log in to thirdparty services with your Apple ID is a convenient way for Apple to control the sharing of customer information, it also allows for users to consolidate their accounts in a way that reduces the need for endless password creation and storage. It can be a burden to create new accounts with the same account information as all of your other accounts, but by using your Apple ID for this login, users can know that a company which at least claims to prioritize customer privacy and security will be in charge of their account security through third-parties as well. 

Recommendations 

How can you protect your privacy while creating third-party accounts? 

  • Understand the risks of putting your personal information into the world, and only share what you have to 
  • Chose the most secure log-in option that your browser supports 
  • Always use safe password practices, and take advantage of Multi-factor Authentication where possible   
  • Utilize additional security/privacy measures and settings on apps, accounts, and platforms whenever possible 

Apple is Fighting Spam Phone Calls

In the News 

Can the threat of spam calls be mitigated? In Apple is building a major defense against spam calls into iOS 13, Chris Welch at The Verge discusses the integration of a built-in spam blocker in Apple’s newest iOS update. Welch explains that once installed, your Apple device will send suspected spam calls to your voicemail, reducing the risk that you answer a call and feed the attacker useful personal information. Welch emphasizes that this service can be turned on or off, but suspects that most will utilize the feature.  

Our Take 

Spam calls can be more than an annoyance. The prey on victims by taking advantage of their emotions upon hearing alarming news or by tricking unsuspecting individuals into giving up personal information when it is not needed. Although there are many ways that individuals can protect themselves against spam callers, company initiatives to remove some of this stress from consumers is much appreciated. By utilizing its technology, Apple can deliver a service that can be highly beneficial in not interrupting the daily lives of its customers while also increasing their privacy and potential harm from spam callers. Although customers will have the option to use or not use the feature, the benefits seem to outweigh the negatives on this specific iOS update greatly 

Recommendations 

How can you protect your personal information from spam callers? 

  • Understand the risks of putting your personal information into the world, and only share what you have to  
  • Refrain from answering calls from unknown and unfamiliar numbers  
  • Refrain from sharing financial and sensitive personal information over the phone  
  • Verify the contents of a voicemail in a separate browser before returning a missed call 
  • Check your email, financial accounts, and credit reports regularly for abnormal activities 

Tap-to-Pay with a Fitbit

In the News 

Your morning commute may be getting a bit easier. In Fitbit Pay will also work with NYC’s subway turnstiles, Brian Heater at TechCrunch discusses the many options using tap-payment for public transit fair in NYC. Heater explains that with newer additions of the Fitbit will have the capability to pay for single trip transit fares. Heater furthers that this payment method is available in other major US cities as well. 

Our Take 

Mobile payment has been continuing to make its way into our daily routines. From ordering food, to tap-payment at stores, and now transit fare, there is no doubt that the move towards our phones serving as our financial wallet provides a simplification for many daily tasks. However, just because a new service or technology is useful does not mean that it is the best or most safe option. Scammers target mobile financial services, and as mobile payment becomes more commonly used, attacks on this form of payment will continue to increase. To use these new and innovative services safely, make sure that you are the only one making purchases with your mobile-pay method of choice. 

Recommendations 

How can you avoid financial damages when using payment apps and services? 

Financial Incentives to Sell Customer Data

In the News 

Is your personal data financial benefitting someone else? In 25% of Workers Would Give Away Data for £1000Phee Waterfield at Infosecurity Magazine discusses a new report which found that companies and their employees still prioritize their financial gain over preserving customer privacy and transparency. Waterfield explains that about 50% of employees would sell company data for a monetary payment despite the increased demands for customer privacy and transparency in corporate practices. Waterfield emphasizes that this data reflects a low loyalty among many employees. 

Our Take 

Companies and their employees have been taking advantage of the trust consumers place in their company when they input personal information into their accounts. Consumers assume that all companies will do what is right and secure their information to the best of their availability. However, we are seeing time and time again that consumer privacy is not the main priority of many companies and their employees. Despite the obvious moral issue with not reporting a data breach or selling data that is not yours to sell, the larger societal problems is that this practice is becoming normalized. Companies and their employees are acting in a self-serving manner, and consumers need to be aware of this reality to take action themselves to protect their data. 

Recommendations 

How can you protect the privacy of your personal information? 

  • Understand the risks of putting your personal information into the world, and only share what you have to        
  • Use safe password practices, and take advantage of Multi-factor Authentication where possible  
  • Utilize additional security/privacy measures and settings on apps, accounts, and platforms whenever possible 
  • Research and read a company’s data privacy practices prior to utilizing their services 
  • Know your rights when it comes to data storage both on a company and legal level 

Password Resetting After a Data Exposure

In the News 

Another tech company is recovery from a data breach. In Flipboard hacks prompt password resets for millions of users, Zack Whittaker at Techcrunch discusses how the platform Flipboard is reacting after discovering their network and customer data had been breached on numerous occasions this past year. Whittaker explains that the company has forced customer password resets because password and other account information was exposed. Whittaker elaborates that Flipboard was securing its data with an outdated system for a portion of the breach period and that the specific number of affected customers has not been disclosed 

Our Take 

The reality of frequent data breaches at companies with hundreds of millions of daily users is unfortunate and problematic. With so many incidents of data breaches in the news, it is easy to become desensitized to the damage that such breaches can inflict. However, it is crucial to demand prudence from companies is prioritizing the privacy of customer data. This includes using the most up to date systems for encryption and data storage on the corporate side. Additionally, each new story of a recent data breach should serve as a reminder of the need to protect your data with strong and unique passwords, conscious information sharing on online accounts, and know how to react if your information is exposed.  

Recommendations 

How can you protect the privacy of your personal account information? 

  • Understand the risks of putting your personal information into the world, and only share what you have to         
  • Use safe password practices, and take advantage of Multi-factor Authentication where possible   
  • Utilize additional security/privacy measures and settings on apps, accounts, and platforms whenever possible     
  • Comply with company requests to update your accounts, their passwords, or any operating system 
  • Stay up to date on the news regarding recent data breaches and exposures to see if you may have been affected 

Can Privacy and Ad-Tracking Co-exist?

In the News 

Ad-tracking, ad-blocking, ad, ads, ads; they are everywhere. In Apple has a plan to make online ads more private, Zack Whittaker at TechCrunch discusses Apple’s new ‘Privacy Preserving Ad Click Attribution’ initiative on Safari browsers, which eliminates the ability for ad companies to know the identity of the individuals clicking on their ads or making purchases on a given site. Whittaker explains that this will increase user privacy while also keeping the internet ‘free’ and allowing data analytics to continue. Whittaker elaborates that this process would have a two-day delay, which would make immediate data regarding ad-tracking impossible. 

Our Take 

Ads are often seen as a double-edged sword in society. On one hand, they can be bothersome and often appear at the most inconvenient times. On the other hand, they can provide useful inspiration for products or services that you might like. Regardless of your opinion on ads, the idea of ad-tracking and the extent to which data analytics uses your online habits to construct customer profiles is often seen as invasive. While there are options for ad-blockers and other tools to minimize how much ad-tracking impacts you, Apple’s new initiative might be an appealing option for all parties involved. Users want to see an increased privacy initiative regarding the internet, and legislation is currently in the talks for data privacy moving forward. Before law rules whether companies or consumers get the upper hand in the data privacy debate, a compromise like Apple’s ‘Privacy Preserving Ad Click Attribution’ can please both sides. 

Recommendations 

How can you protect your privacy while browsing online? 

  • Understand the risks of putting your personal information into the world, and only share what you have to    
  • Utilize additional security/privacy measures and settings on apps, accounts, and platforms whenever possible 
  • Minimize the number of accounts that have direct access to your bank account or card numbers   
  • Only make purchases at reputable online retailers 
  • Avoid clicking directly on links, whether in email or social media – always search through your search engine to verify legitimacy and find the appropriate site 

Financial Data Exposure

In the News 

Another enormous data exposure. In First American Financial exposed 16 years’ worth of mortgage paperwork, including bank accounts, Dieter Bohn at The Verge discusses how a shortcoming in URL security left over 800 million records exposed by First American Financial over more than a decade. Bohn explains that sensitive information, including Social Security Numbers (SSNs) and financial information, were included in the exposed data. Bohn furthers that the company is emphasizing the priority of customer privacy and has resolved the vulnerability. However, details regarding how such a significant exposure occurred are still under wraps 

Our Take 

Data exposures involving sensitive information such as SSNs and financial information can have a detrimental impact on those whose data is shared without their consent. Although companies should take steps to encrypt and secure customer records with the best available technology, this practice is not universally followed. What results is enormous data exposures that threaten the privacy of too many individuals to count. First American Financial was able to correct the vulnerability quickly, but the question of how such an exposure was left untouched for 16 years is still at large. Consumers may not be able to force companies to secure their data all for the time, but they must take measures into their own hands and keep watch of their records to spot fraud before it becomes damaging.  

Recommendations 

How can you protect the privacy of your personal information?  

  • Understand the risks of putting your personal information into the world, and only share what you have to         
  • Use safe password practices, and take advantage of Multi-factor Authentication where possible   
  • Utilize additional security/privacy measures and settings on apps, accounts, and platforms whenever possible     
  • Stay up to date on the news regarding recent data breaches and exposures to see if you may have been affected 

Better Wi-Fi Security

In the News 

How safe are public wi-fi networks? In Microsoft Beefs Up Wi-Fi Protection, Tara Seals at Threatpost discusses how Microsoft’s most recent updates will now allow consumers to know if the wi-fi network they wish to connect to has outdated security measures. Seals explains that this vetting of networks will allow for safer internet use by the general public and especially company employees who deal with work matters using public wi-fi networks.  

Our Take 

It is not uncommon to search or establishments or areas with free public wi-fi. After all, so much of our daily lives are tied to having an internet connection, and going over your data plan limit can be quite pricey. However, public wi-fi networks often do not have the same level of security and privacy as private networks, and this can lead to the exposure of your personal information if the network is breached. Microsoft’s new update gives users a warning if they are connecting to a sketchy network. While it is still the users’ choice, whether they continue connecting to the network or not, this initiative gives more transparency and autonomy to consumers over using safe practices. 

Recommendations 

How can you protect your data from being exposed? 

  • Understand the risks of putting your personal information into the world, and only share what you have to   
  • Use private and secure wi-fi networks when dealing with sensitive topics or work matters 
  • Utilize additional security/privacy measures and settings on apps, accounts, and platforms whenever possible     
  • Stay up to date on the news regarding recent data breaches and exposures to see if you may have been affected  

Snapchat Employees Have Access to Your Data

In the News 

Your saved snaps can be seen by who? In Snapchat: Your latest reminder anyone a company hires could theoretically breach your privacy, Sean Hollister at The Verge discusses how Snapchat employees are entrusted with a tool allowing them to see your old snaps as well as account information and even physical location data. Hollister explains that it is not unusual for lots of personal data to be stored by a company, but issues arise when the consumers are unaware of the extent to which their data is kept and who has access to such data. 

Our Take 

Data privacy continues to be a relevant topic, specifically when social media companies are involved. Although social media users ‘know’ that the platform is storing their data, it is common not to think much of such a practice. However, this laissezfaire attitude can cause problems down the road if, for some reason, the company suffers a data breach. It is best always to consider the information that you upload, save, or share on social media platforms. Just because you may not find old snaps sensitive information, practicing safe social media habits will benefit you in the long run. Additionally, it is crucial that you understand the data policies of the social media networks you utilize. Always ensure your privacy and your data privacy by choosing companies and platforms that prioritize privacy and data security. 

Recommendations 

How can you protect your privacy while using social media apps? 

  • Understand the risks of putting your personal information into the world, and only share what you have to     
  • Use safe password practices when creating online accounts, and take advantage of Multi-factor Authentication where possible  
  • Utilize additional security/privacy measures and settings on apps, accounts, and platforms whenever possible          
  • Know your rights when it comes to data use and storage