A recent data breach involved a deliberate email phishing* attack on an industry organisation. The email purported to come from the chief executive and requested a copy of the membership list (names and email addresses).

The salutation on the email simply said “Hi”. It arrived at 4.36am on a public holiday in the inbox of a public facing email address, and it appeared to have been sent from a personal email address belonging to the organisation’s chief executive.

If ‘open sesame’ was a password, just remember how in the tale of Ali Baba it didn’t work out so well for the 40 thieves and their treasure trove. Consider then how well an easy-to-guess password will protect yours.

Around the world, governments are rushing through legislation in an effort to legitimise the use of privacy-intrusive measures by security and intelligence services, says the UN Special Rapporteur on the right to privacy in his March report to the UN Human Rights Council (UNHCR).

Does working at the Office of the Privacy Commissioner make you paranoid? Well, it’s not quite that bad, but a New Zealand Herald article about cybercrime and identity theft prompted me to think about the number of my online profiles that use, or are linked to, my real identity.

The GCSB does not undertake mass surveillance of New Zealanders. It was a message that the acting head of New Zealand’s foreign intelligence agency, Una Jagose, reiterated in Wellington this week, as well revealing details about the Bureau’s cyber-security work.

This week is Connect Smart week. That means you will see and hear about a number of initiatives that underline the need to be cyber-savvy and for people to do more to protect themselves online. The internet is home to networked convenience and fast information but it is also where identity theft, fraud and other kinds of nefarious things happen.