Security "Bits"

Bitglass Security Spotlight: Popular Messaging App Exposes Users’ Private Data.

By Will Houcheime | December 16, 2020 at 5:00 AM
Newspaper Icon with News Title - Red Arrow on a Grey Background. Mass Media Concept.

Here are the top stories of recent weeks:

  • Go SMS Pro Users’ Private Data Leaked
  • Ransomware Hits Hosting Provider,
  • Cryptocurrency Exchange Portal Experiences Security Breach.
  • Capcom Confirms Data Breach via Ransomware Attack
  • Canadian Privacy Law Enforces Heavy Fines for Noncompliance

Go SMS Pro Users’ Private Data Leaked

Go SMS Pro, a popular Android messaging app, had it’s photos, videos and other files exposed due to a bug. Security researchers discovered that when a user sends a file to a non-user, the app uploads the file to its servers and generates a web address so the recipient can see the file without installing the app. Security researchers notified the app maker and gave them an appropriate amount of time to fix the issue. However, after the researchers received no response, the news went public.

Ransomware Hits Hosting Provider, 

A ransomware attack hits and has forced them to take their servers and web hosting systems offline. The purpose of this was to stop any further infiltration which could have potentially affected their clients' websites. As they work to recover from the attack, it's not known if the attackers stole any data before encrypting the servers. Multiple sources have claimed that REvil, a ransomware group, is responsible for the attack. 

Cryptocurrency Exchange Portal Experiences Security Breach.

Liquid, one of today's top cryptocurrency exchange portals, announced in a blog post on its website that it has experienced a security breach through its internal network. The company said it discovered the attack before the hacker could steal any funds, but an investigation revealed that the attacker was able to collect personal information from their database which included names, home address, emails, and encrypted passwords. The company blamed its domain name provider, claiming that they incorrectly transferred Liquid's account to the hacker.

Capcom Confirms Data Breach via Ransomware Attack

The Japanese game maker behind the Resident Evil and Street Fighter has confirmed that customer data and files from its internal network leaked following a ransomware attack. In a statement, the company said more than 350,000 customers' data may have been stolen alongside internal data and confidential documents. Capcom claims that no credit card information was stolen as payments are managed by a third-party company.

Canadian Privacy Law Enforces Heavy Fines for Noncompliance

Following the footsteps of the European Union, which introduced General Data Protection Regulation (GDPR). Canada's Innovation Minister Navdeep Bains proposed a new privacy law that gives Canadians new rights over how their data is held, gathered, and shared. The draft law could pause data collection, and companies that do not comply could be fined up to 5% of their global revenue for serious violations.

To learn about secured access service edge (SASE) and how they can protect your enterprise from data leakage, malware, and more, download the Top SASE Use Cases below.

Download Now



see all