Mastodawn

Es wäre leicht #datenschutzkonform zu lösen:

Wer auf diese, nun, #Tradition steht, füllt beim #Bürgeramt ein #Formular aus: Bitte veröffentlicht meinen Namen, Geburtsdatum und folgende, weiteren #PII im #Amtsblatt, zum Ankreuzen: Adresse, Bankverbindung, Famlienstand, Lieblingsessen, Geschlechtskrankheiten. Und wer das nicht will, läßt es sein. #OptIn for the win!

Wird ein #BorisPalmer aber nicht kapieren.

pgEdge Postgres 1d ago

Large language models are ever more commonly handling sensitive data at scale. 📈

RAG Servers and MCP Servers serve completely different purposes. The security implications differ just as much, especially around database access. 🔒

Our latest blog delves into the differences so you can make an informed decision. Check it out 👉 https://www.pgedge.com/blog/rag-servers-vs-mcp-servers-choosing-the-right-approach-for-ai-powered-database-access

#programming #cybersecurity #compliance #pii #hipaa #ccpa #gdpr #privacy #dataprivacy #ai #llm #dataengineering #developers #mcp #rag #postgres

RAG Servers vs MCP Servers: Choosing the Right Approach for AI-Powered Database Access

As AI capabilities continue to evolve and integrate more deeply into our applications, we’re faced with interesting architectural decisions about how to expose our data to large language models (LLMs). Two approaches that have gained significant traction are Retrieval Augmented Generation (RAG) servers (such as pgEdge RAG Server) and Model Context Protocol (MCP) servers (such as pgEdge Natural Language Agent). Both have their place, but they serve quite different purposes and come with vastly different security implications – particularly when it comes to database access.

DevTo VN Bot 2d ago

🔐 AWS Lake Formation giúp bảo vệ PII trong Data Lake với kiểm soát truy cập dựa trên vai trò (RBAC). Thiết lập quyền ở cấp dữ liệu, bảng, cột, hàng, kết hợp lớp metadata (Glue) và lớp lưu trữ (S3) để ngăn rò rỉ. Áp dụng cho y tế, thương mại điện tử, GDPR… Giảm phức tạp so với bucket policies. #AWS #LakeFormation #DataLake #PII #BảoMật #QuyềnTruyCập #Cloud #AWSVietnam

https://dev.to/aws-builders/securing-pii-in-data-lakes-aws-lake-formation-access-control-18ef

Securing PII in Data Lakes: AWS Lake Formation Access Control

I recently went to the AWS Community Day in Bengaluru in 2025 on May 23rd, and I have to say, it was...

DEV Community

Show thread

Kevin Karhan

4d ago

The only way to stop this shitshow [legally!] is to #EncryptHarder and refuse to provide data & details!

Run @cryptoparty / @cryptoparty / #CryptoParties and teach folks proper #TechLiteracy!
#decentralize and use real #E2EE that isn't tied to a #proprietary platform and/or subject to #cyberfascist bs like #CloudAct and/or demands #PII like a #PhoneNumber!
Use #XMPP+#OMEMO & #PGP/MIME / #OpenPGP as well as @torproject / #Tor!
Refuse to use #AntisocialMedia and Systems run by #collaborators of #SurveillanceState|s!
Not just callout people who use "#AI' but refuse to work with, buy from, sell to or even share anything with *"AI"-#enshittifiers!

And most importantly:

Tell others to do the same and help them get proper Tech-#Literacy and #MediaLiteracy!

#USpol #EUpol #DEpol #politricks #politics #USA #Cyberfascism #Palantir #SurveillanceState #TechIlliterates #MediaIlliterates #illiteracy #technology #surveillance #AI #Enshittification #PoliceState #NSAbook #StasiBook

Rich 5d ago

when you get a notice that your #PII was leaked by a company again, do you even bother signing up for the proferred Maximum Plus Platinum Security Alert Two Year Free Plan from Neverheardofem Threat Protection, LLC?

All 3 of us just got the same offer from the local hospital and I chucked all three letters in the trash....

TechNadu 6d ago

The University of Sydney disclosed a breach involving unauthorized access to an internal code repository that contained historical PII for staff and students.

While the incident was reportedly limited to one system and quickly contained, the presence of real personal data in a development environment raises familiar governance and data minimization concerns.

This case reinforces the need for:
Regular audits of developer repositories
Strict data handling policies for non-production systems

Strong access controls and monitoring
What controls have you seen work best in large academic environments?

Source: https://www.bleepingcomputer.com/news/security/university-of-sydney-suffers-data-breach-exposing-student-and-staff-info/

Share insights and follow TechNadu.

#InfoSec #DataGovernance #EducationSecurity #PII #CyberIncident #TechNadu

CyberVeille.ch Dec 16

📢 Une base MongoDB ouverte de 16 To expose 4,3 milliards de profils professionnels
📝 Selon Security Affairs, le chercheur Bob Diachenko et nexos.ai ont découvert le 23 nove...
📖 cyberveille : https://cyberveille.ch/posts/2025-12-16-une-base-mongodb-ouverte-de-16-to-expose-43-milliards-de-profils-professionnels/
🌐 source : https://securityaffairs.com/185661/data-breach/experts-found-an-unsecured-16tb-database-containing-4-3b-professional-records.html
#MongoDB #PII #Cyberveille

Une base MongoDB ouverte de 16 To expose 4,3 milliards de profils professionnels

Selon Security Affairs, le chercheur Bob Diachenko et nexos.ai ont découvert le 23 novembre 2025 une base MongoDB de 16 To laissée ouverte, contenant environ 4,3 milliards d’enregistrements de profils « LinkedIn‑like »; la base a été sécurisée deux jours plus tard, sans qu’il soit possible de savoir qui y a accédé auparavant. Impact et données exposées Type d’incident: base de données MongoDB non sécurisée (exposition publique) Volume: ~4,3 milliards d’enregistrements, 16 To PII exposées (dans au moins trois collections): noms, emails, numéros de téléphone, liens LinkedIn, intitulés de poste, employeurs, parcours professionnel, éducation, localisation, compétences, langues, comptes sociaux; plus des URLs d’images et des Apollo IDs (liés à l’écosystème Apollo.io, sans signe de compromission d’Apollo) Structure de la base (extraits des 9 collections analysées par Cybernews)

CyberVeille

Show thread

Kevin Karhan

Dec 16

@campuscodi *#YetAnotherReason why demanding #PII like #PhoneNumbers should be illegal!

Dave Mason Dec 15

I always watch with interest when there's a movement to leave a particular capitalist, centralized social media platform.

Today it appears folks are considering leaving LinkedIn because they are/will be demanding PII for proof of age.

And while I applaud the movement, I always wonder "What took you so long?"

LinkedIn has abused their users for years. Why is the current enshittification enough to prompt activity, whereas past enshittification wasn't?

#PII
#LinkedIn
#Privacy
#Enshittification

CyberNetsecIO Dec 15

📰 700Credit Data Breach Exposes PII of 5.6 Million Individuals

Fintech firm 700Credit discloses a major data breach affecting 5.6 million people. Names, addresses, birth dates, and Social Security numbers were stolen. Victims are urged to freeze their credit. 🚗 #DataBreach #700Credit #PII #CyberSecurity

🔗 https://cyber.netsecops.io/articles/fintech-firm-700credit-discloses-data-breach-affecting-5-6-million/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

700Credit Data Breach Exposes PII of 5.6 Million Individuals

U.S. fintech firm 700Credit has suffered a data breach impacting 5.6 million individuals, with sensitive data including Social Security numbers exposed. The company serves the automotive industry.

CyberNetSec.io