Compromised

Data Breach

 

September 22, 2107

From CCleaner crises to Equifax hacks to Kaspersky confusion, it’s been an interesting couple of weeks for privacy.

 

Update your CCleaner right now.

CCleaner, a popular utility for cleaning up computers, clears out unnecessary temporary files, removes browsing history and cookies, and streamlines your computer’s registry. CCleaner is made by Piraform, which was recently acquired by Avast, the antivirus company.

In a blog post on September 18, Piraform announced that CCleaner had been compromised with rogue code that could allow malicious software to harvest personal information and send it out to bad people with bad intentions. They further stated that the problem was corrected and the situation is being investigated by law enforcement. Read the announcement here.

If yours is one of the 2.7 million computers with CCleaner installed, you should either uninstall it completely, or immediately update it to the newest version which you will find here.

 

Monitor the heck out of your credit, even in Canada

Equifax, one of the Big Three US consumer credit reporting agencies, was hacked, exposing personally identifiable information for roughly 200 million people in the United States and the UK. We know that because privacy laws in the United States and Europe require people to be notified when there’s a problem like that with personal data.

How many Canadians are now vulnerable to identity theft resulting from this security breach? We have no idea. There’s no requirement in Canada for companies to notify the people affected by a security breach, or even disclose that a breach occurred. Canada’s federal privacy commission found out about the Equifax breach just like the rest of us: from media reports.

The Office of the Privacy Commissioner of Canada (OPC) has received a number of complaints and calls from individuals concerned about a data breach at Equifax Inc.

After learning about the breach via media reports, our office contacted Equifax to seek information, including details on how Canadians were affected. Discussions with Equifax are ongoing and the company is cooperating with our office.

Consumers in the USA can request the credit bureaus not provide their information to anyone. This would theoretically stop an identity thief from obtaining a loan or buying a car or getting a credit card with a stolen identity.

Apparently that’s not exactly possible in Canada. I don’t know a way out of this except to monitor the heck out of your credit. Services that do that don’t prevent identity theft, but might catch it sooner.

The US government banned Kaspersky products

This seems a little weird.  On September 13, the Department of Homeland Security issued a directive to its departments and agencies to get rid of Kaspersky products.

The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks. The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security.

Kaspersky denies inappropriate ties to Russian intelligence and other government agencies.

The DHS order affects all computer systems in the Executive Branch.  The Senate passed a bill on September 18 to extend the ban to all government computers.

Boris and Natasha

What do you do to protect your data? Are you happy with the results? Comment here.

 

Do you need help with your computer? I’m here to help you and your home or business computer get along!

Cate Eales runs Computer Care Kelowna, a mobile service helping home users and businesses get along with their computers. To arrange an appointment phone her at 250-764-7043. Cate also welcomes your comments and suggestions. Send email to help@computercarekelowna.com.

You can read previous columns here. If you’d like to subscribe to this column by email, please visit this link. It’s easy, free, and now ad-free. If you’d prefer the RSS Feed, click here.

 

Links

CCleaner Features https://www.piriform.com/ccleaner/features
Piraform Secuirty Announcement https://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
Download CCleaner https://www.piriform.com/ccleaner/download/standard
Office of the Privacy Commissioner of Canada: Equifax breach https://www.priv.gc.ca/en/opc-news/news-and-announcements/2017/an_170912/
DHS Statement https://www.dhs.gov/news/2017/09/13/dhs-statement-issuance-binding-operational-directive-17-01
Kaspersky response https://usa.kaspersky.com/about/press-releases/2017_kaspersky-lab-response-to-issuance-of-dhs-binding-operational-directive-17-01
Computer Care Kelowna http://computercarekelowna.com/
Getting Along With Your Computer Column Archives http://www.castanet.net/news/Getting-Along-With-Your-Computer/
Get Cate’s column by email http://eepurl.com/cqhaTL
RSS Feed: http://computercarekelowna.com/feed

© Cate Eales 2017 – All Rights Reserved
This column appeared on Castanet.net September 25, 2017

print