The Daily Swig Web security digest

‘Uber has essentially rolled the dice with its customers’

James Walker | 24 November 2017 at 11:47

Top netsec trends in the social media spotlight this week…

Social media channels were dominated this week by Uber’s announcement that hackers had obtained the personal details of 57 million users, and the names and driver’s license numbers of around 600,000 Uber drivers in the US.

In a lengthy post published on the tech firm’s website on Tuesday, the Uber boss said two individuals outside the company had “inappropriately accessed user data stored on a third-party cloud-based service” in October 2016.

Many aired their thoughts on the matter via Twitter, and while Uber’s WebSec policies were called into question, it was the fact that the company took over a year to spill the beans that drew the most fire:

CBS, meanwhile, called into question the hackers’ promise that they had deleted the stolen data after receiving a $100,000 baksheesh from the ride-hailing company:

A turbulent week for Uber came to a close with the Financial Times announcing that EU authorities are considering a joint investigation into the hack. This followed earlier reports that lawyers were already preparing a class-action lawsuit in California and that New York’s State Attorney General Eric Schneiderman was probing the breach:

Of course, the Uber scandal is just the latest in an ever-growing list of AWS S3 bucket blunders. And with no shortage of irony, given the timing, Amazon has just released a YouTube tutorial for those looking to ensure their cloud servers are secure:

In the cryptocurrency world, meanwhile, Parity Technologies has issued a post-mortem on the multi-signature vulnerability that blocked 587 ethereum wallets holding a total value of around $165 million.

As it stands, there remains no immediate solution to renewing access to the wallets, and Parity said it can provide “no timeline” for the release of the funds:

Finally, as the debate surrounding net neutrality shifts up a gear in the US, further details have emerged over Elon Musk’s plans to send thousands of internet satellites into space:

According to a statement from SpaceX, the ‘Starlink’ project will see SpaceX place 4,425 super-fast internet satellites into orbit by 2019, providing one Twitter user with hope of a bright (and fast) digital future: