News

Wednesday, 16 November 2016

Up to 400 million accounts in Adult Friend Finder breach
  The site's operator has begun an investigation. It said it had already fixed a vulnerability but would not confirm there had been a breach. The leak is said to cover 20 years of sign-ins, including deleted accounts.
AFF's parent company owns explicit webcam sites, whose logins are also believed to have been stolen.
"Over the past several weeks, Friend Finder has received a number of reports regarding potential security vulnerabilities from a variety of sources," Friend Finder Networks' vice president Diana Ballou told ZDNet.
"Immediately upon learning this information, we took several steps to review the situation and bring in the right external partners to support our investigation."

The site was previously hacked in May 2015, when 3.5 million user records were exposed.
Leaked Source, which reported the latest breach, said it was the biggest data leak it had ever seen.
Including Friend Finder Networks' other explicit sites, the entire breach is said to include information about 412 million accounts.
Leaked Source provides a free service that tells visitors if their email addresses have been compromised, but charges them to find out what associated data has been leaked. The firm said "after much internal deliberation" it would not make the Friend Finder Network logins searchable "for the time being".

To verify its claim, Leaked Source gave ZDNet security editor Zack Whittaker 10,000 AFF logins and 5,000 from the network's other sites.
He tracked down some of the email address owners and said about a dozen had said the details were real.
"A number of those confirmed their details when we read them their own data, but understandably, others weren't as willing to help," he said.
"One person I spoke to said he wasn't worried because he used only fake data. Another said he 'wasn't surprised' by the breach.
"Many simply hung up the phone and wouldn't talk."

Security researcher Troy Hunt was also given a similar sized sample, but said it was still "early days" to confirm the scale of the breach as it only represented "a snippet" of what was said to have been stolen.
"I am intrigued - I can imagine it may be feasible but [412 million] is a really high number," he said.
It is second in size only to Yahoo, which revealed in September 2016 that data about some 500 million users had been stolen by "state sponsored" hackers.
"There have been so many leaks recently that these people have probably already had their data shared," said Mr Hunt.
But he added that the nature of AFF's explicit images and messages could still cause problems.
"We will find worried people who have used their work email address to create accounts."

Leaked Source said the most popular email services used to register with the hook-up site were Hotmail, Yahoo and Gmail.
But it said there were also 5,650 government addresses - ending .gov - and 78,301 attributed to the US military - ending .mil.
"It's a sad state of affairs when we berate people for giving their personal data to someone in confidence not expecting it to be leaked," said Mr Hunt.
He added that in some cases accounts would have been created by other people using someone else's address without their consent.
"I think it's a small percentage - but it can happen.
"I call it the Ashley Madison defence."
  
http://www.bbc.com/news/technology-37974266
  
                                                                                                                                                                                                             

Tuesday, 12 April 2016

Adresarea directorului CNPDCP
Stimați colegi, parteneri și prieteni,

Pe 13 aprilie 2016 se împlinesc 7 ani și 5 luni de cînd am început explorarea domeniului apărării drepturilor omului, în special a dreptului la respectarea vieții private în partea ce ține de prelucrarea datelor cu caracter personal. Apreciez această perioadă, din viața mea, drept una cu multe provocări, unele dezamăgiri, distrugeri ale stereotipurilor, dar și realizări majore. Sper că cetățenii și societatea să aprecieze pozitiv lucrul făcut în acești ani. În fine, dar nu în ultimul rind, a fost creată de la zero o instituție de stat puternică, viabilă, autonomă și independentă, cu un colectiv format din profesioniști în domeniul apărării drepturilor omului prin asigurarea protecției datelor cu caracter personal.

Vreau să aduc sincere mulțumiri foștilor și actualilor angajați ai Centrului pentru eforturile depuse, abnegația și dăruirea de sine la realizarea sarcinilor trasate. Îmi cer scuze, de la ei, pentru nervii pierduți, sănătatea deteriorată, nopțile nedormite, stresul continuu și presiunile psihologice la care am fost supuși pe parcursul activității în binele cetățenilor și societății.

Știu că sînt încă foarte multe de făcut, pe angajații Centrului îi așteaptă noi provocări și greutăți, dar, sînt convins, și rezultate remarcabile. Sper, și-i rog pe colegi, să nu se supere că plec acum. Soarta mi-a dat posibilitate să realizez multe în viața aceasta, însă, a necesitat și jertfe, care au avut efect advers asupra sănătății.

La final, doresc colectivului Centrului succese în activitate. Fiți puternici, apărați dreptul cetățenilor la prelucrarea datelor cu caracter personal și respectați legislația.

Cu profund respect,

Vitalie PANIŞ

Monday, 11 April 2016

Training seminar
      Between the 3 and 5 April, at the initiative of National Bureau of Statistics, were organized training seminars to familiarize the temporary staff responsible for organizing and conducting the 2014 Population and Housing Census with the personal data protection field. Representatives of the Legal and public relations Department of the National Center for Personal Data Protection of the Republic of Moldova participated at the event as trainers.

The seminars were focused on practical issues and recommendations/solutions regarding the implementation of the Law no. 133 of 8 July 2011 on personal date protection and the Requirements for the assurance of personal data security at their processing within the information systems of personal data approved by the Government Decision no. 1123 of 14th of December 2010.

Moreover, were discussed the principles for ensuring the security and confidentiality regime of processed personal data and the liability in case of legislation breach.


                                                                                                                                                          Legal and Public Relations Department

Wednesday, 6 April 2016

Personal details of 50 million Turkish citizens leaked online, hackers claim
   Hackers claim to have accessed the personal details of nearly 50 million Turkish citizens and posted them online in a massive security breach that could seriously embarrass the country’s government.

If confirmed, it would be one of the biggest public leaks of personal data ever seen, experts said - effectively putting two-thirds of the country’s population at risk of fraud and identity theft. AP reported on Monday that it had partially verified the leak as authentic.

Personal information including national identity numbers, addresses, dates of birth and names of parents were all posted online in a downloadable 6.6 GB file.

The data was accompanied by an online statement headlined Turkish Citizenship Database that made some taunting stabs at Turkey’s ruling establishment and its Islamist-rooted Justice and Development Party (AKP) government.

“Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?,” it read.

Significantly, the details included those of Recep Tayyip Erdogan, Turkey’s authoritarian president, at whom the leak appeared to be partially targeted,  judging by some highly politicised comments on the accompanying statement.

Under the heading Lessons for Turkey, the poster wrote: “Do something about Erdogan. He is destroying your country beyond recognition.”

The leak also purported to disclose the details of Ahmet Davutoglu, the Turkish prime minister, and Abdullah Gul, Mr Erdogan’s predecessor as president.

Other “lessons”, offered in bullet points. made mockingly dismissive references to the Turkish authorities’ internet security procedures.  They stated: "Bit shifting isn't encryption;   Index your database. We had to fix your sloppy DB work; Putting a hardcoded password on the UI [user interface] hardly does anything for security."

The message also addressed Donald Trump, the Republican frontrunner in the American presidential election, in terms that suggested the hackers were United States citizens.   “We really shouldn't elect Trump, that guy sounds like he knows even less about running a country than Erdogan does,” it read under a final section headlined Lesson For The US. 

The site appeared to be hosted by an Icelandic group specialising in divulging leaks, using servers in Romania, AP reported.

Hackers have a track record of targeting Turkey. One hacking episode by the group Anonymous saw 17.8 GB of material from the national police database released online in February.

Jacob Applebaum, an American computer security specialist and hacker based in Berlin, said the latest leak could constitute a major breach for the Turkish authorities.

“If this is really what it claims, I think it is one of the largest security/PII breaches since the #OPM hack,” he wrote on Twitter, referring to last year’s hacking of the United States Office of Personnel Management database, which is thought to have compromised the records of 18 million people.


Source : http://telegraph.co.uk

Wednesday, 6 April 2016

DNA chief Laura Codruța Kovesi, spied by former Mossad agents. Two of them – arrested
   The National Anticorruption Directorate (DNA) chief, Laura Codruța Kovesi, was spied by former Mossad agents, according to Rise Project. Four Israeli citizens are under the DIICOT investigation for spying on communications and for attempt to discredit Laura Codruța Kovesi. Two of the suspects have been already arrested in Romania.

The two of suspects who had spied on the DNA head are Dan Zorella and Avi Yanus, former intelligence officers and co-founders and CEOs of the Israeli private investigation firm Black Cube. Meir Dagan – former Mossad director during 2002-2011 – also worked for the company, the source informs, quoted by digi24.ro.

According to prosecutors, the two, together with several Black Cube employees, including Ron Weiner and David Geclowicz, “have formed an organised group to commit offenses of harassment and IT offenses consisting in making multiple threatening phone calls (…) and phishing attacks in order to steal the access credentials and subsequently to compromise the email accounts, activity followed by violation of the secrecy of correspondence, for illegal copying and transferring it,” Rise Project reports.


Source : http://www.romaniajournal.ro
Search

Galerie video



About NCPDP      Activity      Press service      Legislation      Consultative council  
   Transparency in decision-making process      Useful information      Notification procedure      Children and personal data protection  
  
2009© NCPDP
Elaboration and technical support: Special telecommunication centre
Visitors statistics: 3057434