USPS Data Breach Exposes 60 Million Users

The United States Postal Service has recently opened up about a security vulnerability which went unfixed for a full year. The data breach, which exposed the data of 60 million users has been tied to an authentication weakness in the mail carrier’s API which allowed cyber criminals free access from within USPS.com. Concerns linger as authorities evaluate the extent of the damage done over the past year and the ramifications going forward.

Are your 3rd-Party Vendors a Data Breach Risk?

A recent study by global risk management group, Opus, revealed that 59 percent of companies surveyed have experienced a data breach sourcing from a vendor or third party partner. Published in the third annual Ponemon Institute’s “Data Risk in the Third-Party Ecosystem”, the risk management group’s numbers reflected at 5 percent increase year-over-year and a 12 percent increase since 2016 for data breaches of this nature in the United States. Analysis of the data cites multiple possible causes leading to data breaches, including complex integrations than span multiple platforms, lack of central internal controls, and lack of vendor management. To this point, 69 percent of respondents admitted that they lack the personnel to oversee the numerous third-party vendor, with only 34 percent maintaining a comprehensive inventory of vendor partners and 37 percent believing they have adequate resources to stay ahead of the curve.

Amazon Black Friday Data Breach

The 2018 holiday season is here and the Grinch is up to his tricks again. This year data breach season starts with the biggest target of all – Amazon. With massive sales expected on Black Friday and Cyber Monday, the giant e-commerce site was a highly probably target of cyber crime. Early reports on the breach from The Guardian indicate that the breach occurred the day before Thanksgiving and compromised customers names and email address. Thus far the company has revealed little information on how the breach occurred, but it is not a great start to the shopping season for Amazon.

Delaware Converts to REAL ID

Dover– On June 4, 2018, The Delaware Division of Motor Vehicles (DMV) will release a new, more secure, card design for driver license and identification cards (DL/ID). This new design release is a part of the DMV’s continuous effort to provide customers with the latest in available document security to combat fraudulent attempts to alter or replicate an authentic DL/ID. New features include Legislative Hall prominently displayed on the front of the license, a new look for the federally compliant gold star, and images including a blue hen on the back of the card. “Keeping Delawareans’ personal data and information secure is a top priority of ours,” said Governor John Carney. “The new features and updated design on the Delaware driver license and identification cards will ensure that our citizens are protected from fraud and replications of their identification cards in the future.” “This new card design contains state of Read More

Missouri Receives Extension to Rollout REAL ID

Missouri has an extension for REAL ID enforcement, allowing Federal agencies to accept driver’s licenses and identification cards from Missouri at Federal facilities, nuclear power plants and federally regulated commercial aircraft until August 1, 2019. Secure driver’s licenses and identification documents are a vital component of a holistic national security strategy. Law enforcement must be able to rely on government-issued identification documents and know that the bearer of such a document is who he or she claims to be. REAL ID is a coordinated effort by the states and the Federal Government to improve the reliability and accuracy of state-issued identification documents, which should inhibit terrorists’ ability to evade detection by using fraudulent identification.