The owner of fast-food chains KFC, Pizza Hut and Taco Bell has confirmed a data breach. Yum! Brands is sending out notification letters after it became away of a ransomware attack in January. The details leaked include some individuals’ names, driving licence numbers and ID card numbers. As a result of the attack, 300 restaurants were shut down in the UK. A spokesperson said: “While this incident caused temporary disruption, the company is aware of no other restaurant disruptions.”
AI-based tools including ChatGPT and Stable Diffusion are facing the wrath of the courts as regulators seek to punish those who use content without notice or consent. Following the ban of ChatGPT in Europe, the Canadian privacy commissioner began an investigation into the company for processing personal information without consent. Michael Woolrise, a professor of computer science at the University of Oxford, warns of a “coming storm” for artificial intelligence companies.
A survey of IT security professionals has revealed that 40% are encouraged not to report a data leak. Findings from Bitdefender’s 2023 Cybersecurity Assessment Report revealed that 50% of organisations experienced a leak in the last year. Four in 10 across all the countries surveyed were advised to keep it quiet – a figure rising to 70% in the US. The main incentives for keeping schtum were fear of legal action, according to the report.
MyCena Security Solutions, the pioneer and leader in Access Segmentation and Encryption Management (ASEM), today announced the addition of a new feature to its MyCena Desk Center (MDC) platform, designed to reduce payment card fraud at organizations processing financial transactions on behalf of customers.
Organizations like retailers, travel agencies or buying offices, store payment card information for their customers in order to make payments on their behalf. But when it comes to storing the financial data of their customers, lists of payment card information are often stored in Excel spreadsheets or on paper, where sensitive card details are kept in plain text accessible to all employees. This is a leading cause of fraud, as companies cannot know when and by whom the customer payment card information may have been stolen and used by to make unauthorized financial transactions. This is leading cause of disputes and penalties between card processing companies and their customers.
Requested and co-designed with its own customers to help address this massive fraud problem, MyCena has developed and released a new payment card feature on its MyCena Desk Center platform to store each payment card separately and make it only accessible by employees from a controlled multi-layered security fortress.
Without any infrastructure change, companies can upload all payments cards to the MyCena console. Card information is stored encrypted but accessible for the employees who need them for a transaction. Instead of accessing a file with all payment cards stored in clear text in one place, employees open their MyCena Desk Center application, a multi-layered (Bronze, Silver or Gold) secure digital fortress, look for the card they need by individual company code or name, and click on it to access its details. Employees then use the copy-and-paste commands to fill in the transaction, purchase or booking form.
To help investigate in the case of fraud, companies that have MyCena Desk Center Governance Module can audit all past events on the application and track when a specific credit card has been used. or
The solution makes targeting employees to steal their access credentials to payment cards file unfruitful for scammers, phishers and criminals, as these centralized lists of payment cards file no longer exists. This significantly strengthens cybersecurity and data protection for businesses processing payment cards. It helps to prevent expensive fraud incidents and subsequent penalties for card processing organizations.
“Everyone knows that financial information is the primary target for criminals, so securing this information is critical to any business that stores customer payment card details. When organizations store all the payment card information of their customers in plain text in a spreadsheet or in a list on paper, this becomes a security liability for them and their customers, as the list is fully accessible, viewable and stealable by any person in one go. The organization has no way to know if that list is copied in part or in full by any of the employees with access, exfiltrated or sold for malicious purposes. Using MyCena’s unique and easy-to-use system, the organization can now control who has access to which cards, and control which payment card has been accessed by whom, and when. When an employee needs to process a payment, they enter their MyCena fortress application, look for the specific customer card and use the details to make the transaction. It is so easy but represents a major improvement in card processing security, control and auditing,” said Julia O’Toole, CEO of MyCena Security Solutions.
Cybercriminals are using AI tools like ChatGPT to create convincing phishing emails. In a move that is concerning cybersecurity teams everywhere, the use of ChatGPT could significantly reduce costs for cybercrime gangs and eliminate language barriers. Internet users need to be aware of these scams and learn to spot them instead of relying on spotting phishing scams through poorly written text. According to Julia O'Toole, CEO of MyCena Security Solutions, AI tools such as ChatGPT make it much more difficult to spot scam emails. O'Toole warns that cybercriminals are currently exploring ways to use ChatGPT to defraud victims, despite built-in protections to prevent this. She adds: “The quality and speed of execution of ChatGPT makes it a powerful productivity hack. With it, criminals can now launch complex phishing campaigns, generating emails faster with higher chances of success.”
In February 2020, News Corp suffered a state-sponsored breach that went undetected until January 2022. The attackers accessed business documents and emails linked to a small group of employees, potentially compromising sensitive information such as Social Security numbers, names, and health insurance numbers. News Corp believes the attack was part of an intelligence-gathering mission by a threat group supported by the Chinese government. The nearly two-year dwell time was longer than average, and it is unclear why News Corp took over a year to reveal the breach's extent. "Two years to detect a breach is way above average," confirmed Julia O'Toole, CEO of MyCena Security Solutions. With attackers regularly gaining easy access to corporate networks through compromised credentials, we may continue to see these attacks. O’Toole adds: "Despite all the investment in threat detection tools, over 82% of breaches still involve compromised employee access credentials."
