Authentic8 Blog Category: Identity

Local Browser Wins Olympic Gold for Worst Security

Illustration: Local Browser Wins Olympic Gold for Worst Security - Authentic8 Blog

by Amir Khashayar Mohammadi

Nearly every web browser comes equipped with a built-in password manager. Combined with all its other inherent vulnerabilities, this makes the local browser an even more attractive target for automated attacks. The bad guys would love to gain access to the container that keeps track of the keys to your online bank. Given the browser’s weak security underpinnings, how hard could it be?

Not too hard. This was confirmed, once again, by news that broke earlier this week. A new piece of malware, dubbed "Olympic Destroyer" by security firm Talos, does just that. Its purpose was to target a network of non-critical systems at this year's Winter Olympics in PyeongChang, South Korea.

Cybersecurity researchers pointed out that Olympic Destroyer was designed to take computers offline by erasing critical system files. But that was not the whole story. Olympic Destroyer also features two critical methods of stealing credentials.

One technique targets those credentials stored in the

Book Review: What They Really Do With Your Medical Data

Thumbnail: Book Review: What They Really Do With Your Medical Data - Illustration for Authentic8 blog review of Our Bodies, Our Data by Adam TannerSECURITY, IDENTITY, NEWS

Happy Data Privacy Day.  A new book provides an in-depth look at the commercial trade in patient medical data.  Sensitive data, a vibrant market, and not much cause for celebration.


A while ago, I wrote about the wave of data breaches at healthcare organizations and medical identity theft that is impacting millions and what we can do to protect ourselves better.

One of the readers of that post was acclaimed journalist Adam Tanner, who has reported on data collection and consumer privacy since 2012.

Adam and I have had an ongoing discussion on data privacy and security matters since we met a few years ago.  He was covering the issue for Forbes, and I had a chance to brief him on our secure browser solution.

A few weeks ago, he kindly directed my attention to an unknown - to me, at least - aspect of our personal medical records. I thought our medical data was sacrosanct.  Protected by regulatory

How Medical Identity Theft Works, and How it Can Impact You

Image: Patients in Waiting Room with Chart: Indivituals Impacted by Healthcare Data BreachesIDENTITY, SECURITY

The healthcare industry currently tops the target list of cyber criminals, according to IBM’s 2016 Cyber Security Intelligence Index [PDF]. The Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data (Ponemon Institute) reveals that 89 percent of healthcare organizations and 60 percent of their business associates experienced data breaches over the past two years.

Recently, ransomware attacks (incidents where hospital data are encrypted and only released after a ransom is paid) have dominated the headlines. But most data breaches within the healthcare industry involve an even more lucrative target: medical records and related Personal Identifiable Information (PII), like Social Security numbers.

What does this mean for you? Medical identity theft via computer comes at staggering cost to the victims. They have to pay a steep price to get their life back: on average more than $ 13,000, according to one study. To make matters worse, victims can find themselves cut off from their doctors or get misdiagnosed,

Can You Trust Your Tax Preparer?


IRS forms can suck the joy right out of a wonderful April day. Do you prefer online tax filing? Guess what: so do cyber criminals. Also on their target list: CPAs and local tax preparer offices.

The IRS expects damages from tax refund fraud - somebody filing for a refund, using a stolen identity - to rise to $21 billion this year. This increase is in part due to the widespread use of e-filing services by taxpayers.

While such services make filing for a refund easier, some Internet tax filing platforms are also known to fuel tax fraud. Organized scamsters use them to automate their scheme online.

That tax refund you expected? The one that’s long overdue? It may have been paid out already, but to somebody else: to a tax scam artist.

As a victim of tax refund fraud, up to nine months can pass before you finally receive your money. That’s on average how long it takes

Your data has been leaked - now what?


The math isn’t good. Since 2013, more than 1 billion records containing personally identifiable information (PII) have been compromised. From credit card purchases at hardware stores to government background checks, your data is on servers completely outside of your control. And it appears that the owners of those servers haven’t cared about securing your data as much as you have. So your data has been leaked. Your world is changed, and here are 6 steps to take to get back in control of the situation -- a few of them immediately, the rest over time.

Do this TODAY!

Acknowledge that you are a victim. Say it to yourself: “My data has been stolen and will probably be sold to the highest bidder.” That realization should permeate your behavior. Where you used to click links, enter passwords in fields, or throw official-looking mail in the trash, now you can’t. Try to assess everything you receive from the perspective of