News & Notes–June 30, 2021

Data for 700 million Linked In Users Posted for Sale:

• Linked In says that no public breach occurred so the next likely theory for the source went to the scraping of public profiles, according to the Cybersecurity Headlines podcast. Or more probably the publicly available info of each user. For instance, you can set your profile to be fully open to the public, or private with certain information set to be publicly available. So that info could be publicly available to search engines and the wider internet. (Always check your settings.) This comes after the loss of 500 million records in April. No financial info was released. But the raw data can be used for identity theft, spam, brute force attacks, and social engineering schemes.

The U.S House of Representatives introduced a billed called the American Cybersecurity Literacy Act to mitigate cybersecurity risks:

• A bi-partisan group of lawmakers introduced the bill that would mandate the National Telecommunications & Information Administration (NTIA) to set up a cyber literacy campaign to bring awareness of online security and prevention of potential cyber attacks. The awareness programs include basic security lessons on:
  • How to detect phishing emails
  • The importance of strong passwords
  • Using MFA
  • Risks associated with the public internet
• The proposed legislation was led by representatives Marc Veasey (D-TX), Adam Kinzinger (IL-16), Anna Eshoo (D-CA), Gus Bilirakis (R-FL), and Chrissy Houlihan (D-PA).
• Commenting on the new legislation,  Congressman Veasey said, “Congress expanding internet availability to millions across our country has underscored the importance for all Americans to know how to properly protect themselves online. The American Cybersecurity Literacy Act will provide federal resources to educate our constituents on how to do everything from properly identifying secure websites to knowing about the potential cybersecurity risks of using publicly available Wi-Fi networks. Ensuring that all Americans have the tools to protect themselves against harmful cyber-attacks make us all safer in the long run.”