Online consumer security and privacy remains in the headlines as big-name companies continue to report cybersecurity breaches. Further investigations into the JPMorgan Chase cyberhack revealed that 13 other financial institutions’ computers were also breached, while Dairy Queen and Kmart’s in-store payment systems were compromised in recent hacks. In other consumer privacy news, Google added information on European de-indexing requests to its Transparency Report.
JPMorgan Chase hackers targeted 13 more financial companies
More than a month after the JPMorgan Chase cyberattack was made public, the Obama administration and top national security advisers still don’t know whether the financial company’s hack was a typical act of theft or perhaps retaliation initiated by Vladimir Putin for U.S. sanctions on Russia. In addition to JPMorgan Chase, the hackers who perpetrated the attack targeted 13 other financial institutions, including Citigroup, HSBC Holdings, E*Trade Financial and Automated Data Processing, according to a Bloomberg news report. Signs of intruders were discovered in these companies’ computers or logged by their security tools, sources said.
The FBI, the U.S. Secret Service, attorneys general from at least two states and New York federal prosecutors are also conducting investigations, as questions remain regarding the hackers’ motives and the impact of the attacks on the financial industry.
Kmart, Dairy Queen payment systems hit by cyberattacks
Two more U.S. retailers are victims of cyberbreaches that compromised their customers’ payment card information. As in the recent Home Depot breach, hackers infected in-store payment systems at Kmart and Dairy Queen with malware meant to evade antivirus software.
Kmart announced its breach last Friday; company representatives said it was attacked in early September and is working with law enforcement and forensics teams to determine the source of the attack. The company didn’t disclose how many of its stores were affected or how many cards were compromised, but said the malware has been removed from its systems.
Dairy Queen revealed last Thursday that its in-store payment systems were infected, and that it’s working with franchisees to determine which locations were affected. Details of the attacks are provided on its website. According to forensics experts, customer account numbers and expiration dates were stolen.
Google adds details on European de-indexing requests to transparency report
Google is adding a new section to its online Transparency Report called “European privacy requests for search removal,” where it’s listing details about requests for search-listing removals the company receives in Europe.
The section lays out the total number of URLs Google has received for removal, as well as the number of de-listing requests it has received. To date, Google has received 146,938 removal requests and 498,830 URLs to evaluate. The report also breaks down those numbers by European country. Overall, Google grants about 41% of requests, according to the report.
Google’s Transparency report also details removal requests from governments and courts, as well as copyright requests. In May, the Court of Justice of the European Union ruled that Google and other search engines must evaluate individuals’ requests for de-indexing, and that they can only list display results if they serve public interest.