Catalin Cimpanu reports: Chinese companies have leaked a whopping 590 million resumes in the first three months of the year, ZDNet has learned from multiple security researchers. Most of the resume leaks have occurred because of poorly secured MongoDB databases and ElasticSearch servers that have been left exposed online without a password, or have ended up online…
Month: April 2019
The Anatomy of an FTC Data Security Lawsuit
Anne Bolamperti and Patrick X. Fowler of Snell & Wilmer write: The Federal Trade Commission (“FTC”) has described itself as “Your cop on the privacy beat” and a top federal regulator of consumer-facing data security practices. An example of how the FTC asserts itself when it comes to data security and privacy associated with Internet…
UK: Former NHS manager fined for sending personal data to her email account
A former GP practice manager has been fined for sending personal data to her own email account without authorisation, following an investigation by the Information Commissioner’s Office (ICO). Shamim Sadiq worked at Hollybrook Medical Centre in Littleover, Derby, but was suspended on 3 November 2017 for unrelated matters and dismissed later that month. Derby Magistrates’…
UK: ICO Fines London Council for Gangs Matrix Data Leak Exposing 203 People
Sergiu Gatlan reports: The London Borough of Newham received a £145,000 monetary penalty from the Information Commissioner’s Office (ICO) after leaking the personal information of more than 200 individuals allegedly associated with gangs. As discovered by an ICO investigation, the personal data of more than 203 alleged gang members was disclosed by a Newham Council…
OH: University Hospitals’ employee accidentally shared health information for hundreds of patients
Ginger Christ reports: An employee at University Hospitals Rainbow Babies & Children’s Hospital accidentally disclosed private health information for about 840 patients in late February, according to a news release today from the health system. UH said the employee, who has not been publicly identified, sent an email to a “select group of patients or…
AeroGarden maker says hackers stole months of credit card data
Zack Whittaker reports: Bad news for home gardeners: criminals might have your credit card data. AeroGrow, the maker of the at-home garden kit AeroGarden, said in a letter to customers that its website had credit card scraping malware for more than four months. The company said anyone who bought something through its website between October…