Podcast Episode Details
Back to Podcast Episodes
The Quora Data Breach, Facebook’s Private Emails, Google Location Tracking – WB46
Watch this episode on our YouTube channel!
This is your Shared Security Weekly Blaze for December 10th 2018 with your host, Tom Eston. In this week’s episode: In this week’s episode: the Quora data breach, Facebook’s private emails, and Google location tracking.
Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer.
Be sure to enter our Silent Pocket Faraday Bag giveaway currently taking place until December 17th 2018. This prize package is valued at over $100! See our show notes for the link to enter and good luck!
ENTER THE SILENT POCKET GIVEAWAY: https://kingsumo.com/g/ydnieb/silent-pocket-faraday-bag-prize-package
Hi everyone, welcome to the Shared Security Weekly Blaze where we update you on the top 3 cybersecurity and privacy topics from the week. These podcasts are published every Monday and are 15 minutes or less quickly giving you “news that you can use”.
Another week and yet another massive data breach. This time the company is Quora, the popular question-and-answer website. In an announcement last week Quora disclosed that 100 million users may have had their private information stolen when a malicious third-party gained access to one of Quora’s systems. Quora states that the issue was discovered on November 30th and that investigation is ongoing. However, they did disclose that account information which is name, email address, encrypted password hashes (apparently using bcrypt with a salt), data imported from linked networks, public content and actions as well as non-public content such as direct messages have all been compromised. One interesting point they made was that anonymous questions and answers were not affected by this breach because Quora does not store details of anonymous users using their site. If you’re a Quora user, the typical data breach recommendations apply. Change your password and don’t use the same password for every site and service that you use. I did find it surprising that they did not mention enabling two-factor authentication. That’s because, unfortunately, two-factor authentication is not available for Quora’s users (at least as of this podcast recording).
Just two weeks ago Marriott announced that 500 million customers had their personal information stolen as well. Just as an update to this news, recent reports from Reuters now indicate that Chinese nation-state hackers may have been to blame as private investigators looking into the breach have found hacking tools and techniques previously attributed to China. Having yet another announcement of a data breach that reaches into the hundreds of millions is becoming so common, I think many of us believe that this is just the new normal. While there isn’t much we can do about how third-party companies are protecting our information, what is under our control though is the very basics of good cybersecurity practices and that is, password management. Which means you should b
Published on 7 years ago