Our website uses cookies to give you the best experience and for us to analyse our site usage. If you continue to use our site, we will take it you are OK about this. Click on More for information about the cookies on our site and what you can do to opt out.

We respect your Do Not Track preference.

Viewing entries tagged with 'data breach'

Breach Case 5: Taking client files offsite Neil Sanson
4 August 2017

weka edit

You keep your home safe, don’t you? So there should be no problem taking some work notes home, rather than travel the extra distance to drop them off at the office at the end of the day; or to have to pick them up in the morning at the office. You are saving time and avoiding unnecessary travel. But homes do get burgled, thousands in any month.

If you spot a security flaw, tell CERT NZ Neil Sanson
4 August 2017

cert NZ

Computer systems always seem to have problems and vulnerabilities. Some data breaches occur because of those vulnerabilities. If you spot a vulnerability or security flaw in a website, you can first report it to the organisation. They are generally happy to hear about a problem, so they can fix it.

When governments get data protection wrong Charles Mabbett
2 August 2017

The Great Wave off Kanagawa crop

“I’m from the government and I’m here to help.” The former US President Ronald Reagan famously said these were the “nine most terrible words in the English language” that anyone could expect to hear.

Breach Case 4: Testing with real data Neil Sanson
9 June 2017

test sign

Sometimes it seems a good idea to use real production data in a test environment. But doing so means security becomes even more important if you want to stop things going wrong.

Breach case 3: Catches win matches Neil Sanson
7 April 2017

stop sign

A recent data breach provided an example of how it is sometimes possible to catch a breach as it is happening and avert potential harm.

Breach case 2: Don't bite when a phisher calls Neil Sanson
20 March 2017

phishing species

A recent data breach involved a deliberate email phishing* attack on an industry organisation. The email purported to come from the chief executive and requested a copy of the membership list (names and email addresses).

Beware the phishers Charles Mabbett
9 February 2017

phishing

The salutation on the email simply said “Hi”. It arrived at 4.36am on a public holiday in the inbox of a public facing email address, and it appeared to have been sent from a personal email address belonging to the organisation’s chief executive.

Breach case 1: Name your documents clearly Neil Sanson
8 February 2017

Japan road sign 510 Safety Speed svg

It is so easy to send the wrong attachment with an email, especially if the documents you are selecting to attach are not clearly and distinctly named. We see this type of breach fairly regularly so we thought we’d highlight it in this post.