Robinhood Trading App Suffers Data Breach Exposing 7 Million Users’ Information
The malicious third-party is believed to have socially engineered a customer service representative to gain access to internal support systems, using it to obtain the email addresses of five million users, full names for a different group of about two million people, and additional information such as names, dates of birth, and zip codes for a limited set of 310 more users.
Robinhood trading app hit by data breach affecting seven million
I also saw the same news on the BBC. This time the information leak will undoubtedly have a serious impact on the company. Not just email, full name, or address, but more importantly, it also includes SSN and financial information. But Robinhood rejected the payment request and invited an external network security company to handle the matter.
The following article, “The Journey to Zero Trust Begins with Identity”, was obtained via infosecurity magazine. To begin, the zero trust security model or architecture can be used by a business as a method to achieve and/or accelerate digital goals. It defies traditional security architecture because the mindset with zero trust is that anything and everything can be hacked, therefore, nothing can be trusted. Whereas traditional security relies on guarding the network perimeter, zero trust models rely on identity controls since trusted perimeters are arguably not attainable considering the expansion of new technologies. Under the principle of zero trust, all users and devices must first be authenticated and authorized before they can gain access to sensitive resources or data. Beyond the network, identity should enforce trust to users, devices, and other resources. If an organization can successfully determine their needs and have IT and security teams buy-in and adhere to zero trust principles, the model can offer numerous new benefits and capabilities to transform their security posture such as going passwordless, centralized management, dynamic risk, centralized management, etc.
Robinhood Trading App Suffers Data Breach Exposing 7 Million Users’ Information
The malicious third-party is believed to have socially engineered a customer service representative to gain access to internal support systems, using it to obtain the email addresses of five million users, full names for a different group of about two million people, and additional information such as names, dates of birth, and zip codes for a limited set of 310 more users.
Link: https://thehackernews.com/2021/11/robinhood-trading-app-suffers-data.html
Robinhood trading app hit by data breach affecting seven million
I also saw the same news on the BBC. This time the information leak will undoubtedly have a serious impact on the company. Not just email, full name, or address, but more importantly, it also includes SSN and financial information. But Robinhood rejected the payment request and invited an external network security company to handle the matter.
link: https://www.bbc.com/news/technology-59209494
The following article, “The Journey to Zero Trust Begins with Identity”, was obtained via infosecurity magazine. To begin, the zero trust security model or architecture can be used by a business as a method to achieve and/or accelerate digital goals. It defies traditional security architecture because the mindset with zero trust is that anything and everything can be hacked, therefore, nothing can be trusted. Whereas traditional security relies on guarding the network perimeter, zero trust models rely on identity controls since trusted perimeters are arguably not attainable considering the expansion of new technologies. Under the principle of zero trust, all users and devices must first be authenticated and authorized before they can gain access to sensitive resources or data. Beyond the network, identity should enforce trust to users, devices, and other resources. If an organization can successfully determine their needs and have IT and security teams buy-in and adhere to zero trust principles, the model can offer numerous new benefits and capabilities to transform their security posture such as going passwordless, centralized management, dynamic risk, centralized management, etc.
Link to article: https://www.infosecurity-magazine.com/opinions/journey-zero-trust-begins-identity/