Third bug discovered this year: introducing “Poodle Bug”

After Heartbleed and Shellshock, a new security vulnerability has been discovered named Poodle – Padding Oracle on Downloaded Legacy Encryption. The bug is found in the encryption technology that  is meant to protect browsing when using public Wi-Fi and means that hackers can now hijack a  victim’s browsing session and access their email, social network account or online banking. The bug  can only be exploited if the attacker is physically close to the victim.

3 in 4 cloud services flout EU data protection rules

A new study has reported that 72% of cloud services used by organisations in Europe do not meet the  requirements of the current EU Data Protection Directive. A common violation was sending data to  countries outside of the EU and without adequate levels of data protections. With harsher penalties  and stricter policies set to come into force soon, organisations are encouraged to address any  privacy compliance issues as soon as possible.

Staples investigating possible data breach

Staples, the office supplies retailer, has announced that it has been in contact with law  enforcement officials regarding a potential credit card data breach. The investigation was  disclosed after an online blog, krebsonsecurity.com, reported that several banks had noticed a pattern of fraudulent payments in  the States. Staples did not provide any additional details of the attack but stressed that any  customers affected would not be responsible for fraudulent payments if reported in a timely manner.

Obama announces new measures to protect financial data

President Obama signed an Executive Order last week aimed at securing financial and sensitive data.  Among the measures is the requirement that all federal government-issued credit cards be equipped  with chip-and- PIN technology, commonly used in Europe, and widely recognised to reduce fraud.  Signing the order at the Consumer Financial Protection Bureau, Obama urged all banks and retailers  to follow suit.

FBI calls for Congress to update privacy laws

After criticising Apple and Google for their enhanced smartphone encryption, James Comey, FBI  Director has asked Congress to update privacy laws to allow officials to gain access to the stored  information on smartphones and other devices. A major debate on Capitol Hill is expected on this  issue in light of the call.

Enforcement starts of Singapore’s new data privacy law

Since coming into force this summer, the new data protection provisions of Singapore’s Personal  Data Protection Act (PDPA) is already catching people out. Although the first convictions have  generally been for offences related to the ‘Do Not Call Registry’, calls have been made for  organisations to which the PDPA applies, to remain vigilant about data exports in particular.

The Apprentice: ‘Privacy is history’

Privacy issues were highlighted in episode two of UK’s The Apprentice when the boys’ team tried to  sell a sweater with an in-built camera. When questioned about the issues that may be raised when  covertly filming people, the reply was “privacy is history”. The retailer retorted that they  thought the opposite was true and then, surprisingly, placed no orders.