5 million IBANs in the wild: Free in trouble

Mélanie Lebrun
31/10/2024

Hello 👻,

Welcome back to the October edition of the Récap'IT.

The end of October will be marked by the Free cyber-attack, to which we'll return in a moment.

📅 Today's agenda:

  • Free in the storm
  • CISOs and management, the line sizzles
  • Google at war with Microsoft
  • The eye of Sauron
  • The miscellaneous section
  • Cyberattacks of the month
  • News at Youzer

👉 Go !!


🌪️ Free in the storm

Free was hit hard by a cyberattack at the end of October. Customer data and IBANs were stolen.

19 million customers affected. Although Free initially denied that any banking information had been hacked, an e-mail was soon sent to customers telling them that their IBAN had also been stolen, affecting 5 million of them.

Like a lot of people, I thought, what's the worst that can happen? The hackers will make a transfer to our account! Well, no.

The first risk is that you'll be stalked, as the personal data associated with your IBAN can be used to identify you, or to target you with more sophisticated phishing attempts (having a very large amount of information makes this all the easier).

You also risk fraudulent debits from your bank account, as cybercriminals can use this information to make unauthorized purchases or transfers.

What's next?

Call your bank to let them know that you are one of Free's victims, and that you would like your account to be monitored more closely.
Check your accounts regularly, and keep track of your transactions. Don't expect to see anything significant like €3,000 coming out of your account all at once. It's happened to me before, and the sums were derisory: €1.5, €4. At first, it's just small amounts that disappear to check that the card is valid. On many banking applications, you can immediately block all payments from your card before stopping payment if you have any doubts.

There's a site where you can check whether your email has been compromised: https://haveibeenpwned.com/ but the bad news is that it's likely that your data (email, surname, first name, phone number) is out there, as more than 80% of the French population is affected by data theft.

What are the consequences for Free? The CNIL had announced that an online form would be set up at the end of October 2024 to make it easier for those affected to lodge a complaint, but suddenly the project has just been cancelled... Long live NIS2.

Sources: France Info, DémarchesAdministratives.fr


😢 CISOs and management, it sizzles on the line

While everyone agrees that cybersecurity has become a major issue for companies, CISOs don't get the same feeling from their management.

A recent Trend Micro study reveals a worrying gap between Chief Information Security Officers (CISOs) and boards of directors. According to the study, 79% of CISOs feel that their boards do not take cybersecurity risks seriously enough.

CISOs are seen as fussy and pessimistic. They have little or no say on the boardroom floor, and for good reason: CISOs don't speak the same language as managers, so they don't understand each other.

CISOs are struggling to convey the importance and complexity of cyber risks, and only 56% say their managers fully understand cyber risks.

Only a major cyber-attack would make a difference, yet 94% of companies have indicators to measure the value of their cybersecurity strategy. 46% of CISOs realize that their words are listened to more carefully when they have been able to measure the financial impact of cybersecurity failures.

58% of CISOs think that they need to receive training in communication skills if they are to communicate more effectively with their management. At the same time, NIS2 and DORA are there to get the ball rolling, and to get companies' management to move up a gear.

Sources: Globalsecurity, ITSocial


💥 Google at war with Microsoft

Google is furious at Microsoft for locking in its positions on its Azure cloud platform.

Google Cloud has complained to the European Commission about anti-competitive practices.

Google accuses Microsoft of using its licensing conditions to force companies to use its Azure cloud platform.

Indeed, organizations that would like to migrate to another cloud for better budgetary control or performance reasons are blocked. Microsoft plays on "licensing conditions that prevent European organizations from moving their current Azure workloads to competing clouds - even though there is no technical barrier to doing so - or imposes a 400% price premium", explains Amit Zavery, vice-president of Google Cloud Platform.

A similar complaint had been filed by other players such as OVH and CISPE, but Google Cloud did not join them, and last July Microsoft reached an agreement with them to address similar concerns.

The European Commission has taken note of the complaint and will examine it.

Source: Le Figaro


👓 The Eye of Sauron

A little creepy but interesting. Two Harvard students have developed a borderline technology with Meta's Ray-Ban smart glasses. They have created smart glasses equipped with a facial recognition system capable of instantly identifying people and retrieving personal information about them.

The project, called I-XRAY, identifies a person from their face and retrieves additional information such as address, telephone number and family members!

The creators, AnhPhu Nguyen and Caine Ardayfio, say their project aims to raise public awareness of the possibilities offered by this technology. They have no plans to publish the source code.

However, this experiment, which was tested on non-consenting people in the real world, highlights the fine line between a world where people can move around in relative anonymity and a world where everyone's identity and personal information can be instantly accessible to strangers.

This development raises important ethical and privacy issues concerning the use of facial recognition and access to personal data in public spaces.

Sources: X, 404 Media


The miscellaneous section

  • In the USA, teenagers are tracked on the Internet from the age of 13. After the age of 13, they are no longer protected by the COPPA law. This means that data collection by advertisers is in full swing on children.
    Adults are already vulnerable to targeted advertising, imagine the damage to minors. Their behavior is tracked using unique advertising identifiers. Advertisers have a field day with brains that are still immature and unprepared for all this manipulation.
    This use doesn't occur in France, because we're well protected, but this news is a reminder of the importance of protective laws and awareness-raising on the part of parents. That's part of educating our children about the Internet. Measures can be taken on phones to delete these trackers.
    Source: Electronic Frontier Foundation
  • Does StravaLeaks ring a bell?
    The bodyguards of several presidents, including Emmanuel Macron, Joe Biden and Vladimir Putin, use the Strava application to track their sporting activities. Accounts can be followed by others. It's a way of sharing your performance, except that you don't just share your results, you also share your routes.
    This practice makes it possible, unintentionally, to trace the President's movements and locate his places of residence. By analyzing the app's public data, journalists were able to identify the hotels where Emmanuel Macron stayed during his official trips on several occasions.
    Source: Le Monde


☠️ Cyberattacks of the month

The Hospi Ouest group: A dozen clinics and care centers in Bretagne and Pays de la Loire have been hit hard by a cyber attack. A ransom has been demanded.

Game Freak: the company that develops Pokémon games has been the victim of a massive data leak. Revelations of new games and employees' personal data have been leaked, and all this data is being analyzed by Internet users.

Ornikar: the online highway-code learning platform has been hacked and 4.3 million customer accounts are for sale.

Union Nationale des Missions Locales: a service provider for the French Ministry of Labor and Employment has been the victim of a cyber attack.

The Coopérative d'Exploitation et de Répartition Pharmaceutique (CERP) Bretagne-Atlantique: has suffered a cyber-attack affecting its information systems, in particular for receiving online orders.

Libération: was the victim of a ransomware-type cyberattack that disrupted editorial operations.

Clairefontaine-en-Yvelines: the town has been hit, with all administrative services affected.

Oyonnax: the town has been the victim of a cyber-attack and its e-mail system is no longer operational.


What's new at Youzer?

Forms

Forms are an essential component of Youzer, enabling you to add to your user repository all the people who fall through the cracks, i.e. temps, contractors and trainees of less than 2 months.

Youzer integrates users via various channels: HR connectors, CSV files and forms.

You can create different types of form to suit your needs, such as adding or modifying a user.

You send the forms to the people concerned (managers, for example), who then have the opportunity to fill them in.

You can decide to secure access to forms by means of identification.

Once the form has been filled in, it will be sent to the people you have specified. You can segment the information to be sent to each person.

Sometimes, several people need to contribute to the same form. To facilitate this process, you can use workflows. This feature allows you to create a single form, which is then passed on to each contributor in turn. So, as soon as one person has completed his or her part, the form is automatically sent to the next participant in the chain.


Thank you for reading this far!

Any feedback, want to discuss a project?

I'm here for that 👋.


Every month I send you my discoveries, my analysis on IT news.
I do a lot of monitoring and I share it all!

I'm Mélanie and I'm Youzer's marketing manager.

About me? I have an unquenchable thirst for learning! I'd rather read a book 100 times than watch a movie. I'm a fan of HP 🧙🏼.
I go running and play a team sport on roller skates (don't look it up, it's dangerous).