• Home
  • About
  • CBS Interactive
  • Cambodia
  • Freelance
  • UN/IOM
  • BUSINESS DAY
  • MEDILL
Menu

Jonathan Greig

Street Address
City, State, Zip
Phone Number

Your Custom Text Here

Jonathan Greig

  • Home
  • About
  • CBS Interactive
  • Cambodia
  • Freelance
  • UN/IOM
  • BUSINESS DAY
  • MEDILL

Mozilla's Firefox Monitor security tool checks if your accounts have been compromised by hackers

June 26, 2018 Jonathan Greig
Image: CNET

Image: CNET

Mozilla's Firefox Monitor security tool checks if your accounts have been compromised by hackers

Despite the prevalence of hacks and data breaches in the news recently, few people ever find out if their information has been released or taken advantage of unless there is a noticeable problem. Just last year, more than 179 million records were exposed in the U.S.

Mozilla is hoping to change that by teaming with Troy Hunt -- a renowned Australian digital security expert who runs HaveIBeenPwned.com -- to create Firefox Monitor. The website HaveIBeenPwned.com allows you to search for your email address to see whether it has been involved in a data breach, giving you the date, breached company, and amount of data stolen. The website also gives a description of the hack your email was involved in and suggests ways to move forward.

Have I been pwned?

"Over the coming weeks, Mozilla will begin trialling integration between HIBP and Firefox to make breach data searchable via a new tool called 'Firefox Monitor'," Hunt wrote in a blog post about the partnership.

"This is major because Firefox has an install base of hundreds of millions of people which significantly expands the audience that can be reached once this feature rolls out to the mainstream."

HaveIBeenPwned.com currently has a secure database of 5.1 billion records, with 3.1 billion unique email addresses, yet only a bit more than 2 million subscribers. The more people that take advantage of the pwned website, the more people will be able to secure their accounts and make it safer for everyone, including the websites involved in the original hack.

"Understandably, people are now more worried about internet-related crimes involving personal and financial information theft than conventional crimes. In order to help keep personal information and accounts safe, we will be testing user interest in a security tool that lets users check if one of their accounts has been compromised in a data breach," Mozilla wrote in its announcement of the deal. 

Check for a privacy breach

"Visitors to the Firefox Monitor website will be able to check (by entering an email address) to see if their accounts were included in known data breaches, with details on sites and other sources of breaches and the types of personal data exposed in each breach. The site will offer recommendations on what to do in the case of a data breach, and how to help secure all accounts," they said adding that they were working on another feature that would let users know when their information was involved in a data breach.

Mozilla and HaveIBeenPwned.com initially announced a partnership last fall that saw the web browser add an alert that would notify users when they were visiting a website that had recently been involved in a data breach.

Hunt also secured a deal with 1Password, a password management app, in February that allows users to search if their email or password had been released in a data breach.

Both Hunt and Mozilla wrote extensively about the security concerns people may have with the database and entering their email addresses into the service. They employ a detailed strategy that makes it nearly impossible to use or even identify the email addresses in their database.

According to Mozilla, Firefox Monitor will begin testing next week, with 250,000 mostly U.S.-based users invited to join the trial period.

Mozilla Firefox since the end of last year has put protecting its users privacy and personal data at the top of its list. Firefox lets you create and manage strong passwords with an easy-to-use password manager that can handle credit card and other login information. The Firefox browser also includes tools that block websites from tracking your online activities. You can also extend Firefox's usefulness through browser extensions that let you harden your browser's security.

*This article was featured on Download.com on June 26, 2018: https://download.cnet.com/blog/download-blog/mozillas-firefox-monitor-security-tool-checks-if-your-accounts-have-been-compromised-by-hackers/

Source: https://download.cnet.com/blog/download-bl...
In cbs interactive Tags download.com, mozilla, firefox, firefox monitor, haveibeenpwned, security, cybersecurity, troy hunt, hacks, data breach, hackers

Thousands of Sears, Delta customers affected by data breach →

April 5, 2018 Jonathan Greig
Image: Delta

Image: Delta

A third-party vendor used by both companies announced that its system had been breached for two weeks starting in September 2017.

Delta Air Lines and Sears Holdings Corp. revealed yesterday that one of its third-party vendors managing online customer chat services had been hacked in September 2017, leaving the credit card information of hundreds of thousands of people open to cybercriminals for more than two weeks.

Questions remain unanswered about why it took so long for the hack to be noticed, and why Delta and Sears were only notified of the data breach in mid-March 2018, months after the initial hack took place.

[24]7.ai, the vendor that was hacked, said in a statement that it was "working diligently with our clients to determine if any of their customer information was accessed." They did not answer multiple questions from the media about why they waited so long to tell the companies about what happened.

The hack began on September 26, 2017 and was discovered by [24]7.ai two weeks later on October 12, 2017.

Sears and Delta said they were working with federal law enforcement and credit card companies to deal with the breach, but gave conflicting information on whether they believe information was stolen or accessed during the two-week window.

"At this point, even though only a small subset of our customers would have been exposed, we cannot say definitively whether any of our customers' information was actually accessed or subsequently compromised," Delta said in its statement, stressing that no passport information or government IDs were impacted by the hack.

Sears, on the other hand, said, "we believe the credit card information for certain customers who transacted online between September 27, 2017 and October 12, 2017 may have been compromised," but claimed none of its stores or Sears-branded credit cards had been affected.

"Data security is of critical importance to our company, and we take any matter related to customer's personal information very seriously," Sears said, adding that Kmart customers were also affected by the hack.

Delta would not say how many customers were affected, only referring to it as a "small subset," while Sears said it was less than 100,000. The information that was breached included credit card numbers, addresses, expiration dates, and CVV numbers.

This latest hack comes just days after high-end retailers Lord & Taylor and Saks Fifth Avenue revealed that its systems had been breached. The credit card data of millions is now being sold on the dark web due to the hack.

Like Saks and Lord & Taylor, Delta and Sears have set up websites and hotlines for concerned customers. Both companies also plan to contact customers who they are certain were affected by the hack and reminded their buyers that no one is liable for unauthorized or fraudulent account activity.

*this article was featured on the Tech Republic site on April 5, 2018: https://www.techrepublic.com/article/thousands-of-sears-delta-customers-affected-by-data-breach/

In cbs interactive Tags sears, delta, data breach, cybersecurity, cyberattacks

POWERED BY SQUARESPACE.