Notes

• What is Data?

  • What counts as data?
    • Personal info (name, address, SSN)
    • Photos, messages, documents
    • Anything stored, shared, or used online
  • Why data matters
    • Reflects your identity & memories
    • Includes private & sensitive info
    • Data loss can mean:
      • Identity theft
      • Lost files
      • Emotional distress
  • Why others want your data
    • Advertisers: track you to sell products ● Hackers: steal & sell on the dark web ● Companies: build detailed behavior profiles

• How is data secured?

  • Data at rest: Stored data such as on your phone, laptop, or cloud storage.
    • Protected with strong passwords, encryption, and secure devices.
  • Data in transit: Data moving from one place to another like sending a text or uploading a file.
    • Protected with HTTPS, VPNs, and end-to-end encryption.

• How data gets compromised

  • Phishing
  • Malware
  • Unsecured WiFi
  • Social Engineering
  • Data Breaches

Real world examples

• Target Data Breach (2013)
  • Hackers got access through a phishing attack on a third-party vendor.
  • Installed malware on Target's checkout systems.
  • Stole credit and debit card info from over 40 million customers.
• How the data was compromised:
  • Phishing email tricked the HVAC vendor.
  • The weak third-party security gave hackers a way into Target’s networks.
  • The malware collected card data as people shopped
• Facebook (Meta) Data Leak (2019)
  • Data scraped from public profiles using Facebook’s own tools including names, phone numbers, and locations.
  • Data was posted on hacker forums for free.
• How the data was compromised:
  • Poor API security allowed large-scale scraping
  • No hacking required, Facebook failed to stop it.

Secure your data

• Strong passwords and MFA
  • Use long, unique passwords
  • Turn on multi-factor authentication (MFA)
• Opt out of data sharing
  • Adjust privacy settings, opt out of tracking
  • Don't overshare personal information
• Safe browsing and app usage
  • Look for HTTPS
  • Avoid sketchy links or apps
  • Keep software updated
• Recognize phishing and social engineering
  • Don’t click on suspicious links
  • Watch for strange and/or urgent messages
  • Never share passwords or codes

Data Privacy Laws

• GDPR (General Data Protection Regulation) - Europe
  • Gives individuals control over their person information/data
  • Requires companies to get clear consent before collecting data.
  • Large fines for breaking the rules.
  • Covers the entire EU
• CCPA (California Consumer Privacy Act) - California
  • Individuals can see, delete, and opt out of data sharing.
  • Applies to businesses that collect a lot of data or make money from it.
• HIPAA (Health Insurance Portability and Accountability Act) - USA
  • Protects health information
  • Doctors, hospitals, and insurance companies must keep your data private.

Vocabulary & Key Terms

Data at rest

Stored data such as on your phone, laptop, or cloud storage.

Slides

Mod 5_ Data Security (slides)