marketing manager for Advent IM, which is the UK's leading independent information security and physical security consultancy. We specialise in holistic security management solutions for Information Security, HMG Information Assurance, Business Continuity, PCI-DSS and Physical Security and have a proven track record of successful certifications.
When it comes to anything to do with North Korea, details will be sketchy and no one wants to totally hang their hat on anything as fact. But the warning about high-balance online gambling accounts is certainly valid.
Read the full story and think about how you communicate the need for careful account management with users.
We have talked about phishing before and warned you of the dangers of phishing emails that spread malware, ransomware and other toxic payloads. Today however we are talking fish. Actual fish.
It was never going to be long before the obsession with web-enabling everything, from air conditioning to kettles, caused a bit of a problem. In this case, a web-enabled fish tank (stay with us) was hacked and, using this fish tank’s connection, criminals managed to move through the network and steal data from the fish’s home, a ‘smart tank’ in a casino…
If you are considering the use of web-enabled equipment, including any animal enclosures, please risk assess it thoroughly and please protect it properly from fishers, phishers and other cyber botherers. Criminals will head for the point of least resistance every time and you need to know where that is before they do.
According to a press release from the Hard Rock Hotel & Casino chain, the financial data of its customers may be at risk, due to a failure of its hotel reservation system.
The system in question is a third party application and this is not the first time a data breach has been caused by a third party provider.
Make sure you conduct thorough risk assessments and understand the nature of all connected services. This includes things like maintenance portals and service access portals. Remember Target was hacked through its air conditioning maintenance portal.
Ladbrokes is facing a potential probe from the Gambling Commission over its personal information handling practices under the Data Protection Act, after personal details of gambling addicts were found in a bin bag. This included photos, names and addresses.
Anyone in any doubt about how serious this will be as we move toward GDPR adoption should consider the fines of 4% of global turnover that the Information Commissioner will be able to levy on future serious breaches.
The UK Information Commissioner's Office (ICO) is taking a look at location tracking software installed without the knowledge of users who log into online betting services.
The use of this software may be contravening the Data Protection Act (1998) as this Act requires data subjects to be aware if their personal information is collected and give permission for it to be used in ways they agree to and nothing more.
The timing of this investigation is crucial as GDPR will enter law next May and fines of up to 4% of global turnover will come into force for serious data protection breaches.
Players are being asked to exercise caution in what they post in the TwoPlusTwo forum and some have been advised to change their passwords.
Any question of a hack should mean all users would be sensible to change their passwords, and to something that they do not use elsewhere, that is robust and that does not contain dictionary words. If you would like some guidance on the best way to do this, try our main blog here.