Personal details of 5.5m employees from the world’s 1,000 biggest public companies have been discovered online by a British cyber security firm that searched through data compromised by recent breaches of popular websites.
英国一家网络安全公司对近期几个高人气网站泄露的数据实施了搜索,从而在网上发现了全球1000家最大公开上市公司550万名员工的个人细节信息。
Digital Shadows found details including corporate email addresses and passwords from 97 per cent of the 1,000 companies. It did not name the individual companies concerned.
这家名为Digital Shadows的公司发现的细节信息,包括来自这1000家企业的97%的员工的企业电子邮件地址及密码。该公司并未点明涉事企业的名称。
The UK firm trawled through data leaked from popular services such as LinkedIn, Dropbox and MySpace, looking for users who had signed up using their work email accounts. Many of them had reused their work passwords.
这家英国公司查询了领英(LinkedIn)、Dropbox和MySpace等高人气服务网站泄露的数据,寻找那些曾用其工作电邮账号注册的用户。他们中许多人重复使用了他们在工作场合使用的密码。
Nearly 300,000 people’s details had been stolen from dating websites, including Ashley Madison and Adult Friend Finder; Ashley Madison alone yielded corporate emails and passwords of more than 200,000 people working for big companies.
近30万人的细节信息从Ashley Madison和Adult Friend Finder等约会网站被盗。其中,仅Ashley Madison网站就泄露了为大企业工作的逾20万人的公司电邮和密码信息。
The cost of a single data breach can be enormous — an IBM study found that the average total cost to a company is $4m. High-profile victim TalkTalk lost 101,000 customers, spent £60m and faced a parliamentary inquiry. Last year, data breaches cost British businesses about £34bn.
仅仅一次数据泄露就可能造成巨大损失。IBM开展的一项研究发现,数据泄露为每家企业带来的平均总损失是400万美元。备受关注的数据泄露受害者TalkTalk损失了10.1万名客户,花费了6000万英镑,还面临议会的调查。去年,数据泄露为英国企业带来的损失约为340亿英镑。
Much of the data uncovered by Digital Shadows had not been previously leaked — 90 per cent of the 5.5m usernames and passwords were newly available online.
Digital Shadows发现的数据大部分此前未曾披露过:550万用户名和密码中90%都是新出现在网上。
“We were analysing leaks going back to 2012, so I thought we would see a lot of duplicates, but only 10 per cent of credentials had been in previous leaks,” said Rick Holland, vice-president for strategy at Digital Shadows. “Whenever a breach becomes public, the first thing our clients ask is: ‘Are these details new or repackaged?’ So this is bad news.”
Digital Shadows战略部门副总裁里克•霍兰(Rick Holland)表示:“我们正在分析远至2012年的泄露数据,因此我以为我们会看到许多重复的数据,然而只有10%的凭据信息在此前的数据泄露中出现过。每当一批泄露数据公开时,我们的客户问的第一件事就是:‘这些细节信息是新的,还是旧信息的重新打包?’因此,这是个坏消息。”
Studies have found that more than 60 per cent of people reuse passwords and compromised credentials can also be used for phishing attacks and extortion attempts.
研究发现,逾60%的人会重复使用密码。而且,被泄露的凭据信息也可能被用于钓鱼式攻击(phishing attack)和敲诈企图。
Combining stolen information can allow cyber criminals to piece together comprehensive user identities, cyber security experts said.
网络安全专家表示,将被窃取的信息结合起来,令网络犯罪者能够拼凑出完整的用户身份信息。
Cyber security consultants advise companies to require employees to change passwords every eight weeks and use additional security, such as requiring authentication through a mobile phone, for new sign ons. “Rolling out multi-factor authentication is really important to minimise that risk,” Mr Holland said.
网络安全咨询师建议各企业要求员工每八周更新一次密码,并使用额外的安全手段,比如新登录时要求通过手机认证。霍兰表示:“实施多种类型的认证对于降低这种风险特别重要。”
Donald Trump has upset Sir Cameron Mackintosh and co-creators of the stage musical Les Misérables for playing one of their songs at his Miami rally.
唐纳德•特朗普在迈阿密的竞选集会上播放了音乐剧《悲惨世界》中的一首插曲,引起了制作者卡麦隆•麦金托什和其它音乐剧主创的不满。
Mackintosh, a leading British theatre impresario, is to make his objection felt in a joint statement with Alain Boublil, the musical’s librettist and others who own the copyright.
麦金托什是英国著名戏剧经理人,他将同剧作者阿兰•布比尔等其它版权人一起发布联合声明提出抗议。
A copy released to the Guardian said: “The authors of Les Misérables were not asked for permission and did not authorise or endorse usage of Do You Hear the People Sing? at last [week’s] Trump rally in Miami, and have never done so for any of the songs from the musical for this or any other political event.”
刊登在《卫报》上的声明写道:“《悲惨世界》的作者们没有收到许可申请,也没有授权或允许特朗普在上周迈阿密集会上使用《Do You Hear the People Sing?》,歌剧中的任何一首歌曲从未被允许在这次或任何其他的政治活动中使用。”
Les Misérables has broken box office records worldwide, seen by more than 70 million people in 44 countries. It is a story of “broken dreams and unrequited love, passion, sacrifice and redemption”, with songs that include I Dreamed A Dream. In Miami, the Republican presidential nominee took the stage as Do You Hear the People Sing? blasted through the loudspeakers.
《悲惨世界》已在44个国家演出,观看人次达七千多万,打破了全球票房纪录。它讲述了一个关于“破碎的梦和暗恋、热烈的情欲、牺牲和救赎”的故事。《I Dreamed A Dream》也是歌曲之一。在迈阿密,集会上的扩音喇叭高声唱着《Do You Hear the People Sing?》,共和党总统候选人在一片音乐声中登台亮相。
Mackintosh’s statement said: “As the musical’s popularity and universal message have been part of international popular culture for more than 30 years now, countless political and social movements around the world, including the first Bill Clinton and Obama campaigns, have independently embraced songs from the musical as a rallying cry for their own cause.”
麦金托什的声明中说道:“因《悲惨世界》的知名度和辨识度,这部歌剧在30多年来已成为国际流行文化的组成部分。全球无数政治和社会运动,包括比尔•克林顿和奥巴马的首次竞选活动,都各自使用了音乐剧中的歌曲作为个人竞选的战斗口号。”
Trump has upset musicians before. In May, he faced demands by the Rolling Stones to stop playing their music at his campaign events. Earlier, he faced criticism from Neil Young for using his Rockin’ in the Free World. Whether Mackintosh takes legal action remains to be seen.
特朗普的侵权行为早有先例。五月份,滚石乐队曾向特朗普提出停止在竞选活动中播放其音乐的要求。更早时候,尼尔•杨批评特朗普使用了他的歌曲《Rockin’ in the Free World》。麦金托什是否就此采取法律行动仍有待观察。
The intellectual property lawyer Mark Stephens of Howard Kennedy, said politicians were supposed to clear the use of songs. Sometimes permission was obtained without disclosing it was for a political purpose and there could be a question about whether Trump’s campaign said it would be used at a rally.
霍华德•肯尼迪律师事务所的著作权律师马克•斯蒂芬森表示,政客们应该澄清对歌曲的使用情况。他补充说,有时出于政治目的会对获得的使用权进行保密,但特朗普的竞选团队有无说明歌曲将在集会上使用还有疑问。
Asked whether Mackintosh could potentially have a legal case against Trump, he said: “Assuming that there wasn’t a fully disclosed, informed consent given, then he can sue for infringement of copyright.”
当被问道麦金托什是否可能起诉特朗普时,斯蒂芬森说:“假如歌曲使用没有经过完全公开、知情的同意,他可以因著作权受到侵犯而起诉。”
The Trump campaign did not respond to a request for comment.
特朗普的竞选团队未对评论请求作出回应。
Trump is among numerous politicians who have upset musicians. Bruce Springsteen objected to Ronald Reagan’s attempt to use Born in the USA as a backdrop for his re-election in 1984, and Mick Fleetwood has said that Bill Clinton’s campaign never sought permission for his 1992 campaign anthem, Don’t Stop.
除特朗普外,引起音乐人不满的政客还大有人在。1984年罗纳德•里根在第二次总统竞选中试图使用《Born in the USA》,遭到歌手布鲁斯•斯普林斯汀反对。1992年比尔•克林顿使用《Don’t Stop》作为竞选歌曲,而米克•弗里特伍德说这从未征得他的同意。
Sometimes, however, there is harmony between musicians and politicians. The Northern Irish group D:Ream approved Tony Blair’s use of Things Can Only Get Better during the Labour party’s 1997 campaign.
不过,音乐人和政客也有和平相处的时候。1997年,北爱尔兰组合D:Ream就同意了工党托尼•布莱尔在英国大选中使用他们的作品《Things Can Only Get Better》。