Nokia Smartphones currently use the Symbian operating system, but are changing over to the Windows Phone 7 system right now. As this has all been being developed for launch, the personal information of the development team at Nokia was leaked by hackers who were able to breach Nokia’s security this week. It seems that the hackers responsible were from Antisec. At this point there isn’t any evidence to suggest that their data has been abused in any way, ie. in identity theft, so it seems to be more of a prank than sabotage. The information that was stolen was just that which the developers gave to the site themselves, and for a lot of them that was just an email address. However, some developers gave more personal data willingly when signing into the system.As someone in the IT industry, I can’t fathom why anyone, especially IT people, would supply more data than is mandatory to in order to enter a site. If all that was required was an email address, then why would one give anything else? That was the case here, yet several developers filled in all of the “blanks”.
Having your email address stolen may just result in some extra spam, thereby being a nuisance, but not a threat. By the same token, why would Nokia have non-mandatory fields for the developers to supply their data to? Therefore, the responsibility of that data safety lies with Nokia to protect the data they’ve requested, including that which was not compulsory, and it lies with the developers for supplying more personal data than they had to. I read a comic within the last month or so – but could not find it in order to post a link to it here unfortunately – that was about internet security. On one side was the heading “Private” and on the other side it said “Not Private“. Under “Private” it said “not on the internet” and under “Not Private” it said “on the internet”. That pretty much sums it up. Regardless of the motive and the outcome, Nokia now has a blemish on their public face. FYI, I am currently a Nokia Smartphone owner on the Symbian OS.
A Star Wars Galaxy fan site was hacked this week by ObSec, a subsidiary of LulzSec, and over 23,000 usernames and passwords, and more than 21,000 email addresses, were stolen. The site hasn’t been properly maintained since 2009, so the security was easy to breach. Again the responsibility lies with the site itself for not maintaining it properly and yet leaving it active and therefore an open invitation to hackers, and it also lies with the 23,000 users of this site; Although they may not have been active on this site, if they have used the same usernames and password combinations elsewhere, then those sites are now at risk also. This is why we MUST all be diligent about using different username and password combinations everywhere, and updating/changing them on a regular basis. There are plenty of password managers out there, and the ones that we have to pay for are inexpensive. Remember, just because you have forgotten all about your data being stored somewhere because you aren’t currently using it, doesn’t mean that it has forgotten about you!
Anonymous have also been busy this week, hacking Texas Police computers in retaliation to some of their “members” being arrested. Approximately 3GB of sensitive data was stolen and published online, including: 647 social security numbers, 174 passwords, 83 drivers license numbers, 6,182 dates of birth, 42 credit card and bank account numbers, 10,175 personal postal addresses, 325,596 email addresses, & 78,869 phone numbers (via PC Mag).
This puts a LOT of police officers at risk, and they’ll be busy moving house and changing their identification in order to protect themselves and their families, which means less time to protect those whom they serve. However, the “point” that Anonymous is trying to make is that the police in Texas aren’t doing their job anyway. Fighting fire with fire seems like it’s just going to build a bigger fire though, rather than causing policy change. We’ll continue to follow this story as it unfolds, right here.
Bookmark this blog!