compTIA-logo

CompTIA Research Study: U.S. Personal Information, Passwords, Medical Data at Risk

CompTIA Research Study

At Stake: Legislation That Could Affect Whether Hackers or Unscrupulous Repair Shops Gain Access to Private Information without Device Owner's Knowledge or Consent

DOWNERS GROVE, Ill., Sept. 26, 2017 /PRNewswire-USNewswire/ — Millions of Americans increasingly store personal information – such as banking information, passwords and medical data –  on their devices, raising privacy and security questions about state legislative efforts to require electronics manufacturers to provide all repair shops with access to source information that could compromise those devices, according to new CompTIA research released today.

At issue is legislation in Massachusetts, Tennessee and other states that would require electronics manufacturers to offer the “digital keys” that unlock access to the inner workings of devices. Once compromised, that could lead to hackers and unscrupulous actors accessing information without the device owner's knowledge or consent.

CompTIA research shows the scope of the problem:

  • 28 percent of consumers have banking or financial information on their devices.
  • One in four have passwords saved in a file or app on their smartphones/computers.
  • Nearly 15 percent have health insurance or medical information.
  • 77 percent have contact and other personal information on family, friends and co-workers.

The security and personal privacy challenge will only grow in coming years as millions of interconnected devices interface and communicate with each other – from the Internet of Things (IoT) to Autonomous Vehicles to Smart Cities and Artificial Intelligence.

The last thing a person wants is for a bad actor to get access to their personal information because a family, friend or co-worker compromised their devices by allowing an unauthorized repair shop to tinker with their device,” said Liz Hyman, executive vice president of policy advocacy for CompTIA. “We must ensure that protections are in place that balance the needs of consumers to repair their devices while also ensuring that they remain safe and secure.

Compromising a device has a ripple effect: from identity theft for key family members and friends to mass infrastructure outages due to IoT attacks to taking over vehicles or systems.

Cybersecurity has to be a collective responsibility,” added Hyman. “We must ensure the right policies and regulations that don't let a cybersecurity breach wreak havoc across society.

The research was released as Massachusetts legislators debate a bill that would require manufacturers to share “repair technical updates, diagnostic software, service access passwords, updates and corrections to firmware, and related documentation, free of charge and in the same manner the manufacturer makes available to its authorized repair providers” with any product owner or repair shop.

The legislation appears to go against the goals of U.S. consumers, who want to make cybersecurity paramount above all else. The CompTIA survey revealed that safety and security are consumers' highest priorities. More than 80 percent would be apt to choose safety and security over price and 65 percent would probably choose safety and security over convenience when selecting a repair shop.

In addition, a net 80 percent of U.S. consumers are concerned about privacy and security breaches at smartphone or computer repair shops. Despite the perceived risk, consumers seemingly do not have the means to protect themselves as 85 percent are concerned that they are unable to assess the reliability, professionalism and trustworthiness of repair shops and repair technicians.

CompTIA conducted an online survey of 1,000 U.S. consumers during the week of September 18th.  It has a margin of error of +/- 3.2 percentage points.

CompTIA: Building the Foundation for Technology's Future

The Computing Technology Industry Association (CompTIA) is the world's leading technology association, with approximately 2,000 member companies, 3,000 academic and training partners, over 100,000 registered users and more than two million IT certifications issued. CompTIA's unparalleled range of programs foster workforce skills development and generate critical knowledge and insight – building the foundation for technology's future.

CloudBuzz

The latest in curated technology related news collected from many of the leading news distribution, industry research and technology vendor firms on the planet.

Here you will find recent news sources from companies such as Reuters, Marketwired, IDC, Gartner or directly from cloud vendors such as Google, Microsoft or Amazon.

CONTRIBUTORS

Scale Matters in the Enterprise Cloud

Scale Matters in the Enterprise Cloud

The Enterprise Cloud What used to be an unknown and mysterious term, “the cloud” is now a common and mostly ...
Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in ...
Chris Gerva

Why Containers Can’t Solve All Your Problems In The Cloud

Containers and the cloud Docker and other container services are appealing for a good reason - they are lightweight and ...
Principles of an Effective Cybersecurity Strategy

Principles of an Effective Cybersecurity Strategy

Effective Cybersecurity Strategy A number of trends contribute to today’s reality in which businesses can no longer treat cybersecurity as ...
AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility Earlier this week, AWS S3 had to fight its way back to ...
What’s Next In Cloud And Data Security For 2017?

What’s Next In Cloud And Data Security For 2017?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had ...
What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) ...
How Big Data Can Empower Native Ads

How Big Data Can Empower Native Ads

Empower Native Ads The realm of big data is expanding an astonishing rate, and its presence can be felt across ...
The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, ...
Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Multi-Instance vs. Multi-Tenant Architecture  The cloud is part of everything we do. It’s always there backing up our data, pictures, ...

NEWS

U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

DOWNERS GROVE, Ill., Dec. 8, 2017 /PRNewswire-USNewswire/ -- New hiring in computer and electronics manufacturing and technology services and custom ...
Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system (Reuters) - Hackers likely working for a nation-state recently penetrated the safety system of ...
email as a service

Google Data Analysis, Artificial Intelligence and Predicting Vaccine Scares

Social media trends can predict tipping points in vaccine scares Analyzing trends on Twitter and Google can help predict vaccine ...