Personal note - greetings from Portland, Oregon

In a few days I'll be visiting the Monitorama conference with my awesome colleagues from Articulate. I flew in a little early to get rid of the jetlag and see a bit of Oregon. Holy crap is it beautiful here.
I'm not sure if I'll be able to do a full issue next week, but I did manage one this week :-) Enjoy!

Dieter Van der Stock

Breaches and leaks

  • First American Financial Corp: over 800 million mortgage documents, containing very sensitive information, were available to anyone to see by changing the ID in the URL. Ffs.
  • Perceptics: a company that creates license plate readers used extensively by US border control. Was compromised, all stolen files are available for download on the dark web.
  • Flipboard: hackers breached their databases, compromising user data. Tokens were revoked, and passwords were hashed with bcrypt. Although if you hadn't logged in for a few years, then your password was hashed with the easier to crack SHA-1.
  • Canva: graphic design service. Was compromised with 139 million users impacted. They seem to have handled it relatively well though. The breach was quickly detected, and all passwords were hashed with bcrypt.
  • Pyramid Hotel Group: service provider to large hotel chains like Marriot and Plaza. Had an unsecured server exposing 85GB in security logs, stemming from its intrusion detection system. Great that they had one, not so great that anyone could see the sensitive data it collected.
Dieter Van der Stock