Just hours ago, it was made public that PayPal has had a security breach due to their newly acquired networks company TIO.
Back in February, Paypal had acquired TIO Networks in hopes of introducing the TIO customers to PayPal’s services. This attempt at bolstering their user numbers has actually backfired.
Thus far it is estimated that 1.6 million customers’ personal information has been breached. PayPal has suspended TIO networks last month after discovering the evidence of a security breach. PayPal stated that TIO’s network had discovered the vulnerability in security and that the forms of information that was taken could be customer names, addresses, SSN, and login credentials.
It is important to note that the PayPal systems and TIO systems are separate networks and PayPal customers were unaffected. Thus far, TIO will remain in suspension until TIO’s platform issues with data security and information security standards are up to PayPal’s standards.
It’s quit lucky that PayPal had chosen not to fully merge the systems otherwise this could have become an even bigger issue and also involving customers with PayPal accounts.
Be careful where you put your sensitive information on the web, and ensure the businesses your using has strong network defenses.
Just hours ago, it was made public that Morrisons, a super market, is being held liable for the breach of information involving their workers.
Workers of Morrisons recently made a claim against the company after another employee named Andrew Skelton, stole data from the company that includes working salary, bank details, names and addresses of nearly 100,000 employees.
Morrisons believes it should not be held accountable for the actions of Skelton and is appealing against the decision.
This security breach occurred in 2014, that was when Skelton, a senior internal auditor leaked the information of employees to the internet and newspapers.
Supposedly this was a grudge retaliation over an incident that had recently occurred. Skelton was jailed for eight years in 2015, guilty for fraud, securing unauthorized access to computer material and disclosing personal data.
Lawyers claim the company is at fault for lacking security means and the vulnerability of 5,518 former and current employees. The Judge has ruled in favor of holding Morrisons accountable for the incident.
Recently, a user on Reddit gave information on a huge Mac OS High Sierra vulnerability. Access to “root” permissions is as easy as an empty password, potentially leaving users extremely vulnerable. If someone has physical access to a Mac OS High Sierra system, they can access personal files and change anything without any admin credentials.
This is a huge vulnerability for Mac users. Developer Lemi Orhan Ergin contacted apple to inform them of the vulnerability. Apple at the time had no update ready for such an issue, however informed of users a way to mitigate the possibility of someone gaining root access.
Disable guest users
Opening up the system preferences and finding the “Users & Groups” section you can select guest users and uncheck “Allow guests to log into this computer.”
By doing this, no one can log into a guest user account and give them direct access to the root permissions option.
Change root password on Mac OS High Sierra
Another means of mitigating this issue, is by actually assigning a password to the root permissions, so if someone did attempt to enter with an empty password, they would be outright blocked.
- Launch systems and preferences
- Select users and groups
- Login options
- Join which is next to the “Network Account Server”
- Open Directory Utility
- Click the lock icon, and enter your password to gain access
- Once inside, in the menu bar of directory utility, select “Change Root Password”
That’s it! Make your own password for the Root access and ensure it is strong to keep it worth this effort!
Apple has informed that they are working on a quick patch, so the problem shouldn’t be relevant for too long, however it is always good to become familiar with this side of your system and learn of it’s layout, in case something in the future pops-up involving the same issue.
Stay safe and hacker free! Give us a call at re2tech and we can beef up your security and help explain your system and it’s workings to you in the process!