Steven Melendez reports: A loophole in Facebook’s advertising targeting mechanism could have let attackers obtain users’ phone numbers after they visited websites the attackers controlled, a group of scientists revealed in a paper presented last week. Facebook, which awarded the researchers a $5,000 bug bounty, has since taken steps to thwart similar attacks, and neither…
Month: March 2018
Settlement proposed in Yahoo data breach securities litigation
Judy Greenwald reports: An $80 million settlement has been proposed in a securities class litigation filed in connection with Yahoo Inc. data breaches in 2013 and 2014. The proposed settlement in In re Yahoo Inc. securities litigation, filed in U.S. District Court in San Francisco on Friday, was publicized Monday. In December 2016, Yahoo announced…
Event: Fireside Chat: Chilling Effects on Security Research
By Center for Democracy & Technology DESCRIPTION For many years, security researchers, infosec experts, and hackers have faced negative consequences such as legal threats and prosecution for simply doing their jobs. These so-called “chilling effects” have reached near-mythical status, and the level of understanding of potential risks varies throughout the tech policy community. Please join…
Stolen University Hard Drive Potentially Exposes Thousands of Records
Robert Rodriguez reports: The theft of an external hard drive at Fresno State could expose the personal data of at least 15,000 people. The hard drive was reported missing Jan. 12 and Fresno State officials said some of the files may have contained personal information, including names, addresses, phone numbers, birth dates, credit card numbers,…
Officials: 2 ex-Florida Hospital employees stole, sold patient records
Jeff Deal and Jason Kelly report: Federal investigators said two former Florida Hospital employees stole and sold an unknown number of patient records. The hospital said it wouldn’t comment on the allegations because of a pending lawsuit, but Channel 9’s Jeff Deal uncovered a civil lawsuit against the hospital, which is separate from the criminal case,…
Insider Threat Seriously Undermining Healthcare Cybersecurity
I don’t agree that insider threats are more of a problem than external threats, but I am glad to see insider threats – including “human error” incidents get more attention. Jai Vijayan reports: The healthcare industry’s ability to defend against cyberthreats is being seriously undermined by its own workforce, according to two separate reports released…