Clearview AI is a startup that compiles billions of photos for facial recognition technology and works with approximately 600 law enforcement agencies across North America, including the Toronto Police Service.
 
In a recent statement, Clearview said it lost its entire client list to hackers. Tor Ekeland, an attorney working for Clearview, said in a statement to The Daily Beast: “Unfortunately, data breaches are part of life in the 21st century. Our servers were never accessed. We patched the flaw, and continue to work to strengthen our security.”
 
We have all seen the typical heist movie, where robbers target impenetrable bank vaults, give up on that option, and wait until the goods are transferred in a less secure method (i.e. an armored car).  What happened here is akin to targeting armored cars. Knowing that Clearview has dedicated significant resources to protecting their data, with the client list in hand, hackers can now target the potentially less secure clients instead.
 
Accepting that a data breach is inevitable is becoming the new “normal” as hackers are finding ways around the most secure vaults. Contact us to learn more about how to protect your organization's data from both direct and indirect data breaches.

Researchers at a cybersecurity firm, UpGuard, recently discovered that the Australian market analysis firm, Tetrad, left data for 120 million individuals publicly exposed in Amazon storage. This was not a traditional breach situation, rather this leak was a result of a ‘misconfiguration’ which allowed anyone with a browser to access and download certain files. The exposed data came from various retail clients of Tetrad and included sensitive details such as names, addresses and purchasing habits.
 
Organizations that collect data on a large scale must ensure that they have proper data retention policies and procedures in place to safeguard against the risk of a data breach (or data leak, as was the case here). This case also shows that your data is only as safe as your weakest link and that business partners' mistakes could negate any policies or procedures of a company.
 
At MT>3 we provide advice and guidance on information governance solutions to best protect organizations and their clients. Get in touch with us to learn more. 

On February 10, 2020, the US Justice Department announced charges against four members of China’s military on suspicion of hacking into Equifax. Charges against members of the Chinese military are rare, but in this case an exception was made for state-sponsored actors who stole the personal data of approximately 145 million Americans.
 
This breach, in combination with a series of other breaches, has serious implications. Collectively, this data could be used to target American intelligence officers or other officials and interfere with elections. In addition, used in conjunction with artificial intelligence technology, this may allow China to advance its ability to conduct cyber espionage.
 
Although there is no evidence yet that the Chinese government has used the data from the Equifax hacking, Christopher Wray, the director of the FBI, commented that China has “pioneered an expansive approach to stealing innovation”. Hopefully these charges will be a powerful deterrent to this type of theft in the future.