{"id":61403,"date":"2023-12-08T20:25:32","date_gmt":"2023-12-08T11:25:32","guid":{"rendered":"https:\/\/monolith.law\/cs\/?p=61403"},"modified":"2024-03-26T16:34:52","modified_gmt":"2024-03-26T07:34:52","slug":"trends-in-personal-information-leakage-and-loss-accidents-in-2019","status":"publish","type":"post","link":"https:\/\/monolith.law\/cs\/general-corporate\/trends-in-personal-information-leakage-and-loss-accidents-in-2019","title":{"rendered":"Trends in Personal Information Leaks and Losses in 2019 (Heisei 31 \/ 2019)"},"content":{"rendered":"\n<p>According to Tokyo Sh\u014dk\u014d Research, 66 listed companies and their subsidiaries announced leaks or losses of personal information in 2019. The number of incidents reached 86, and the number of leaked personal records reached 9,031,734. In 2019 there were two major incidents in which more than one million personal records were leaked. The payment service &#8220;7pay&#8221; (Seven Pay), introduced by the major retailer Seven &amp; I Holdings, was forced to shut down because of fraudulent use. 
It was a year in which the importance of security measures was emphasized once again.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_%E2%80%9CTaku_Fairu_Bin%E2%80%9D\"><\/span>The &#8220;Taku Fairu Bin&#8221; Case<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>On January 22, 2019, an information leak was discovered at the file transfer service &#8220;Taku Fairu Bin&#8221;, operated by Ojis Soken, a wholly owned subsidiary of Osaka Gas. A suspicious file was found on a server, which led to the discovery of the leak. Further investigation revealed suspicious access logs, and on January 23 the service was suspended as a precaution against further damage. A first report was issued, and on January 25 the information leak was confirmed.<\/p>\n\n\n\n<p>The number of leaked records reached 4,815,399 (paying members: 22,569; free members: 4,753,290; former members: 42,501) and included names, login e-mail addresses, login passwords, dates of birth, gender, occupation \/ industry \/ position, and prefecture of residence. 
This is the second-largest leak on record, after the leak of personal information of 35.04 million customers at Benesse in 2014, caused by a contract employee improperly obtaining the information.<\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/risk-of-company-personal-information-leak-compensation-for-damages\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/risk-of-company-personal-information-leak-compensation-for-damages[ja]<\/a><\/p>\n\n\n\n<p>After this incident, Ojis Soken reviewed and strengthened its security and considered resuming the service, but no prospect for rebuilding the system could be found, so on January 14, 2020 it was announced that the service would end on March 31, 2020.<\/p>\n\n\n\n<p>If you use the e-mail address and password registered with &#8220;Taku Fairu Bin&#8221; as the user ID (e-mail address) and password for logging in to other web services, there is a risk that someone who obtained the leaked information could log in to those services without authorization, so-called &#8220;impersonation&#8221;.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_spolecnosti_Toyota_Mobility\"><\/span>The Toyota Mobility Case<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2020\/02\/shutterstock_1035140923-1024x583.jpg\" alt=\"Trends in personal information leaks and losses in 2019\" class=\"wp-image-7479\" \/><figcaption class=\"wp-element-caption\">Introducing the Toyota Mobility case.<\/figcaption><\/figure>\n\n\n\n<p>Toyota Mobility, a sales subsidiary of the automaker Toyota, was hit by a cyberattack on March 21, 2019 (Heisei 31). It was announced that a total of eight sales companies sharing a common system infrastructure were targeted, and that up to 3.1 million personal records may have leaked from their network servers. Fortunately, it was reported that no credit card information was leaked, so the likelihood of direct financial harm is low. However, because this is information on customers who purchased cars, it could be traded at high prices among list brokers, and the damage may not be contained.<\/p>\n\n\n\n<p>Toyota Mobility, despite having obtained the Japanese &#8220;Privacy Mark&#8221; (P-Mark), now faces important decisions about its future security measures because of this personal information leak. The leak also shows that the security measures in place were unable to prevent it. 
It will need to achieve a personal information protection management system at a higher level than the security system for which it obtained the &#8220;Privacy Mark&#8221; (P-Mark).<\/p>\n\n\n\n<p>As in the Benesse case, if its personal information protection management system is judged inadequate in the future, its &#8220;Privacy Mark&#8221; (P-Mark) may lapse. If the &#8220;Privacy Mark&#8221; (P-Mark) lapses, there is a risk of losing trust, which is a serious problem.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_%E2%80%9E7pay%E2%80%9C\"><\/span>The &#8220;7pay&#8221; Case<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Fraudulent use of the payment service &#8220;7pay&#8221;, introduced by Seven &amp; I Holdings, came to light after an internal investigation was carried out on July 3, 2019, following inquiries from users the day after the service launched about transactions they did not recognize.<\/p>\n\n\n\n<p>Top-ups from credit and debit cards were suspended immediately, and from July 4 new registrations for the service were also temporarily suspended. On the same day it was decided to temporarily suspend all top-ups.<\/p>\n\n\n\n<p>It was announced that 808 people were victims of the fraudulent access and that the damage amounted to 38,615,473 yen. The method of fraudulent access was stated to be most likely a so-called list-based attack. 
A list-based attack is a method in which IDs and passwords previously leaked onto the internet from other companies are entered mechanically. This method was probably attempted at least tens of millions of times, and the number of successful logins exceeded the 808 cases in which fraudulent use occurred. The reasons the list-based attack on accounts could not be prevented include insufficient consideration of measures against logins from multiple devices, insufficient consideration of additional authentication methods such as two-step verification, and insufficient verification of the optimization of the system as a whole.<\/p>\n\n\n\n<p>On August 1, Seven &amp; I Holdings held an emergency press conference in Tokyo and announced that the &#8220;7pay&#8221; service would end at midnight on September 30. 
The reasons for ending the service were as follows:<\/p>\n\n\n\n<ul>\n<li>Completing the fundamental measures needed to resume all &#8220;7pay&#8221; services, including top-ups, is expected to take a fair amount of time.<\/li>\n\n\n\n<li>If the service were to continue during that period, it would have to be kept in an incomplete form in which only &#8220;payment&#8221; would be possible.<\/li>\n\n\n\n<li>Customers still feel uneasy about the service.<\/li>\n<\/ul>\n\n\n\n<p>Weak cybersecurity awareness at Seven &amp; I Holdings and poor coordination within the group came to light one after another, leading to an unusually rapid withdrawal. This failure by a major retailer raised concerns about cashless payments, which the government is promoting.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_Uniqlo\"><\/span>The Uniqlo Case<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2020\/02\/shutterstock_196775048-1024x683.jpg\" alt=\"Trends in personal information leaks and losses in 2019\" class=\"wp-image-7480\" \/><figcaption class=\"wp-element-caption\">Introducing the case that occurred on the Uniqlo online site.<\/figcaption><\/figure>\n\n\n\n<p>On May 10, 2019, it was confirmed that unauthorized logins by a third party other than the account holders had occurred on the Uniqlo online store website.<\/p>\n\n\n\n<p>Between April 23 and May 10, a list-based attack was used to log in without authorization to the accounts of 461,091 users registered on the official Uniqlo and GU online stores. The personal information that may have been viewed included name, address (postal code, city, street number, room number), phone number, mobile phone number, e-mail address, gender, date of birth, purchase history, the name and sizes registered under &#8220;My Size&#8221;, and part of the credit card information (cardholder name, expiration date, part of the credit card number).<\/p>\n\n\n\n<p>The source of the unauthorized login attempts was identified and its access was blocked. Monitoring of other access was also strengthened. For user IDs whose personal information may have been viewed, passwords were invalidated on May 13 and users were asked by individual e-mail to reset them. The case was also reported to the Tokyo Metropolitan Police Department.<\/p>\n\n\n\n<p>What is notable is that not only basic personal information such as name, address, phone number, mobile phone number, e-mail address and date of birth was leaked, but also private information such as purchase history and the name and sizes registered under &#8220;My Size&#8221;. 
It is an unpleasant and worrying case.<\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/reputation\/personal-information-and-privacy-violation\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/reputation\/personal-information-and-privacy-violation[ja]<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_kancelare_prefektury_Kanagawa\"><\/span>The Kanagawa Prefectural Office Case<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>On December 6, 2019 (Reiwa 1), it was found that information including personal data and administrative documents had leaked as a result of the resale of hard disk drives (HDDs) that had been used at the Kanagawa prefectural office. Kanagawa Prefecture and Fujitsu Lease, which has a server lease contract with the prefecture, removed the HDDs from servers leased in spring 2019 and entrusted their disposal to a recycling company. An employee of that company took some of the HDDs and sold them on Yahoo Auctions without initializing them. A man who runs an IT company bought nine of them, and when he checked their contents he found data that appeared to be official documents of Kanagawa Prefecture. He informed a newspaper, which confirmed the data leak with the prefecture.<\/p>\n\n\n\n<p>According to the prefecture's statement of December 6, a total of 18 HDDs were taken, of which nine had already been recovered, and the remaining nine were also recovered later. 
The leaked data included tax notices listing the names of individuals and companies, post-tax-audit notices listing company names, road tax payment records listing the names and addresses of individuals, documents submitted by companies, work records, and lists of prefectural employees containing personal information. Each of the HDDs taken has a capacity of 3 TB, so up to 54 TB of data in total may have leaked.<\/p>\n\n\n\n<p>Kanagawa Prefecture made several basic mistakes, such as:<\/p>\n\n\n\n<ul>\n<li>Insufficient consideration of hardware-level encryption for the file servers where administrative documents are stored, and keeping the data in its original format<\/li>\n\n\n\n<li>Handing equipment containing important information over to the leasing company without obtaining confirmation that data initialization had been completed<\/li>\n\n\n\n<li>Allowing a recycling company that staff did not know about to take away the leased equipment<\/li>\n<\/ul>\n\n\n\n<p>Fujitsu Lease also made basic mistakes, such as:<\/p>\n\n\n\n<ul>\n<li>Leaving the disposal of the equipment entirely to the recycling company<\/li>\n\n\n\n<li>Not asking the recycling company to issue a certificate confirming complete erasure of the data, although this was stipulated in the lease contract<\/li>\n<\/ul>\n\n\n\n<p>The recycling company needs no discussion.<\/p>\n\n\n\n<p>I think that the lack of security awareness and the irresponsible handing-off of responsibility, common to all three organizations involved, led to such a negligent outcome.<\/p>\n\n\n\n<p><a href=\"https:\/\/monolith.law\/corporate\/act-on-the-protection-of-personal-information-privacy-issues\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/monolith.law\/corporate\/act-on-the-protection-of-personal-information-privacy-issues[ja]<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Ostatni_pripady_neopravneneho_pristupu\"><\/span>Other Cases of Unauthorized Access<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2020\/02\/shutterstock_1521212090-1-1024x557.jpg\" alt=\"Trends in personal information leaks and losses in 2019\" class=\"wp-image-7482\" \/><figcaption class=\"wp-element-caption\">Incidents caused by unauthorized access are increasing every year, and building systems for information security and management is a challenge for the future.<\/figcaption><\/figure>\n\n\n\n<p>Incidents caused by unauthorized access, which have a large impact and affect a wide area, are increasing every year. In 2019 there were 41 such incidents (32 companies), the highest number in the 8 years since Tokyo Sh\u014dk\u014d Research began its survey. 
That is nearly half of the 86 information leak and loss incidents in 2019, and the 8,902,078 records leaked or lost in them account for 98.5% of the 2019 total (9,031,734). In addition to the examples above, many other cases of unauthorized access came to light in 2019, including the following.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_prodejni_spolecnosti_automobilovych_doplnku\"><\/span>The Automotive Accessories Retailer Case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On February 26, the online store operated by Hase-Pro, which sells automotive accessories, suffered unauthorized access through exploitation of a vulnerability in the site. A fake payment page was displayed, and the credit card information that users entered was leaked.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_%E2%80%9EDentalni_knihycom%E2%80%9C\"><\/span>The &#8220;Dental Books.com&#8221; Case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On March 25, unauthorized access occurred on the web server of &#8220;Dental Books.com&#8221;, operated by Quintessence Publishing Co., Ltd., which specializes in dental publications. Personal information of the site's users was leaked. 
For customers who paid by credit card, credit card information including the security code was leaked. In addition, personal information of users of dental job portals and of the Japan International Dental Conference was also leaked, up to 23,000 personal records in total.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_%E2%80%9ENanatsuboshi_Gallery%E2%80%9C\"><\/span>The &#8220;Nanatsuboshi Gallery&#8221; Case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On April 12, unauthorized access occurred at &#8220;Nanatsuboshi Gallery&#8221;, the online shop associated with Kyushu Railway Company's luxury train &#8220;Nanatsuboshi in Kyushu&#8221;. Customers' personal information, including credit card information, was leaked. For the 3,086 members who had registered their credit card information, security codes may also be included. It was announced that information may also have leaked for members who had not registered card information and for other users of the site, in 5,120 cases in total.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_sluzby_pro_monitorovani_dotazniku_%E2%80%9CAn_a_Kate%E2%80%9D\"><\/span>The Survey Monitoring Service &#8220;An and Kate&#8221; Case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On May 23, unauthorized access exploiting a server vulnerability occurred at the survey monitoring service &#8220;An and Kate&#8221;, operated by Marketing Applications. Personal information from 770,740 registered accounts was leaked. The leaked information included e-mail addresses, gender, occupation, workplace, and information related to bank accounts.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_%E2%80%9EYamada_Webcom_Yamada_Mall%E2%80%9C\"><\/span>The &#8220;Yamada Webcom Yamada Mall&#8221; Case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On May 29, unauthorized access occurred at &#8220;Yamada Webcom Yamada Mall&#8221;, operated by Yamada Denki Co., Ltd. The payment application was tampered with, and during this period up to 37,832 customer records were leaked.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_s_kartou_AEON\"><\/span>The AEON Card Case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On June 13, unauthorized logins using a password list attack occurred against the AEON Card, issued by AEON Credit Service Co., Ltd. It was confirmed that unauthorized login was possible on 1,917 accounts, of which 708 were actually compromised, causing losses from fraudulent use of approximately 22 million yen. 
The attacker attempted a password list attack on the official site &#8220;AEON Square&#8221;, illegitimately obtained user account information, changed the contact information using the registration change function in the official app, and used funds through the payment linkage function.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_aplikace_%E2%80%9EVpass%E2%80%9C_spolecnosti_Mitsui_Sumitomo_Card\"><\/span>The Mitsui Sumitomo Card \u201cVpass\u201d app case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/monolith.law\/wp-content\/uploads\/2020\/03\/shutterstock_72295576-1024x684.jpg\" alt=\"\" class=\"wp-image-7702\" \/><figcaption class=\"wp-element-caption\">Unauthorized access to cards also causes damage.<\/figcaption><\/figure>\n\n\n\n<p>On August 23, Mitsui Sumitomo Card Co., Ltd. announced that up to 16,756 customer ID records in the members' app \u201cVpass\u201d may have been subject to unauthorized access. 
The unauthorized access was confirmed by the regular monitoring carried out by the company, and the investigation into the cause found that most of the approximately five million login attempts came from users who were not registered with the service, which indicates a password list attack.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_Mizuho_Bank_%E2%80%9CJ-Coin_Pay%E2%80%9D\"><\/span>The Mizuho Bank &#8220;J-Coin Pay&#8221; case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On September 4, Mizuho Financial Group (the Japanese Mizuho Bank) announced that the test system for managing the merchants that offer the &#8220;J-Coin Pay&#8221; service had been subject to unauthorized access, resulting in the leak of information on 18,469 J-Coin member merchants.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_%E2%80%9E10mois_WEBSHOP%E2%80%9C\"><\/span>The \u201c10mois WEBSHOP\u201d case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On September 19, it was announced that unauthorized access had occurred at the online shop \u201c10mois WEBSHOP\u201d, operated by the limited liability company Ficel. It was found that 108,131 customer personal data records and 11,913 credit card information records had been leaked. 
The credit card information also included security codes.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_oficialni_webove_stranky_spolecnosti_Kyoto_Ichinoden\"><\/span>The Kyoto Ichinoden official website case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On October 8, unauthorized access occurred at the official website of Kyoto Ichinoden, known for its western Kyoto pickles, and the payment form was altered. The leak covered 18,855 credit card records including security codes and 72,738 records of member information and shipping history.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_%E2%80%9ENakupy_u_Zojirushi%E2%80%9C\"><\/span>The \u201cShopping at Zojirushi\u201d case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On December 5, Zojirushi Mahobin, which operates \u201cShopping at Zojirushi\u201d, announced that unauthorized access had occurred and that up to 280,052 customer records may have been leaked. 
The cause of the unauthorized access is believed to be a vulnerability in the website, and the company has therefore suspended public access to the shopping site since December 4.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Pripad_elektronicke_sluzby_pro_romany_%E2%80%9CNovelba%E2%80%9D\"><\/span>The &#8220;Novelba&#8221; e-novel service case<span class=\"ez-toc-section-end\"><\/span><\/h3>\n\n\n\n<p>On December 25, unauthorized access occurred at the e-novel service &#8220;Novelba&#8221;, operated by Beegle Inc., and 33,715 personal data records, including the e-mail addresses of registered users, were leaked. In addition, bank account information may have leaked for 76 users who were registered in the reward program, which could lead to further damage.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Shrnuti\"><\/span>Summary<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Adequate measures to prevent the leakage and loss of information are becoming an important issue for every organization and company that handles personal information. Especially for small businesses, which have limited financial and human resources compared with listed companies, an information leak can cause fatal damage to the business. It is essential to address security measures and to establish an information management system. 
With the growing use of big data, personal information is becoming ever more important. At the same time, strict security against sophisticated unauthorized access, together with information management, is becoming an important prerequisite for risk management.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>According to Tokyo Shoko Research, in 2019 (Gregorian calendar), 66 listed companies and their subsidiaries announced leaks and losses of personal information. The number of incidents [&hellip;]<\/p>\n","protected":false},"author":32,"featured_media":63353,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[18],"tags":[24,29],"acf":[],"_links":{"self":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts\/61403"}],"collection":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/users\/32"}],"replies":[{"embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/comments?post=61403"}],"version-history":[{"count":2,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts\/61403\/revisions"}],"predecessor-version":[{"id":63354,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/posts\/61403\/revisions\/63354"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/media\/63353"}],"wp:attachment":[{"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/media?parent=61403"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/categ
ories?post=61403"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/monolith.law\/cs\/wp-json\/wp\/v2\/tags?post=61403"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}