The Weekly Cypher is specially curated to keep you up-to-date on the latest in cybersecurity, biometrics, and related news and innovations. Here are a few of the headlines you might have missed this week.
No experience was obviously necessary for this important government job. Japan’s new minister in charge of cybersecurity made a startling admission on Wednesday: he doesn’t actually use computers. “Since I was 25, I have been in a position of authority where secretaries and employees handle such tasks for me,” Yoshitaka Sakurada, 68, told a Lower House cabinet committee meeting, per The Japan Times. “I give instructions to my aide and so I don’t punch into a computer myself,” he added, per The Associated Press. “But I am confident our work is flawless.”
Security breach at Nordstrom exposed sensitive employee data | Seattle Times
Seattle-based retailer Nordstrom is notifying employees of an information-security breach that exposed their names, Social Security numbers, dates of birth, checking account and routing numbers, salaries and more. Employees across the company received an e-mail notification and apology from co-President Blake Nordstrom on Wednesday informing them of the breach, a company spokesperson confirmed Friday. Some employees, who may not have regular access to corporate e-mail accounts, were being shown the breach notification by managers when they arrived at work.
Some millennial and Gen Z couples are giving each other fingerprint access to their phones | Business Insider
In the age of biometric security, some young couples are displaying a new form of trust. Millennial and Gen Z are choosing to grant phone access via fingerprint to their significant other, which some say is convenient and serves as a measure of trust in the relationship, CNBC reports. Others say sharing that level of access could become an issue if a current or former significant other wants to cause some serious damage. Many modern phones incorporate some level of biometric security — older iPhones use fingerprint technology while newer models use facial recognition, and plenty of Android phones utilize either method. This allows users to open their phones quickly without needing to remember or input a password, but additional fingerprints and faces can be granted access as well.
Fresh from belatedly admitting that 9.4 million passengers’ personal data was stolen by hackers, Hong Kong airline Cathay Pacific has now admitted that it was under attack for three solid months before it took half a year to tell anyone. In its initial public statement on the hack, which saw names, nationalities, dates of birth, addresses, some people’s passport numbers, email addresses and more heading from its secure servers into the hands of as-yet unidentified miscreants, Cathay said it had detected “suspicious activity” beginning in March 2018. In a submission made by the airline to Hong Kong’s Legco (its Legislative Council; broadly, the semi-autonomous Chinese territory’s equivalent of Parliament) reveals (PDF, 4 pages), ahead of a Wednesday hearing, Cathay said it knew that in March the “suspicious activity” was a full-scale attack on its servers.
The Cybersecurity 202: Amazon is now at the center of a debate over public safety versus privacy | The Washington Post
A New Hampshire judge’s attempt to compel Amazon to share recordings from an Echo device at the scene of an alleged double murder is putting a fine point on law enforcement’s growing demand for data from Internet of Things devices. Prosecutors are seeking two days of recordings from the smart speaker in a Farmington, N.H., home where two women were found dead in January 2017, according to a report from CBS Boston. The judge directed the company to turn over evidence in the case, but so far, Amazon has said it “will not release customer data without a valid and binding legal demand properly served on us.”