Steven Melendez reports: A loophole in Facebook’s advertising targeting mechanism could have let attackers obtain users’ phone numbers after they visited websites the attackers controlled, a group of scientists revealed in a paper presented last week. Facebook, which awarded the researchers a $5,000 bug bounty, has since taken steps to thwart similar attacks, and neither…
Category: Business Sector
Settlement proposed in Yahoo data breach securities litigation
Judy Greenwald reports: An $80 million settlement has been proposed in a securities class litigation filed in connection with Yahoo Inc. data breaches in 2013 and 2014. The proposed settlement in In re Yahoo Inc. securities litigation, filed in U.S. District Court in San Francisco on Friday, was publicized Monday. In December 2016, Yahoo announced…
MY: MCMC and security firm ordered to file defence on data leak (Updated)
Vathani Panirchellvum reports: The Malaysian Communications and Multimedia Commission (MCMC) and Nuemera Sdn Bhd, a data security company have been asked to file their defence over a data leak case involving 46.2 million telco subscribers. The Session Courts today instructed MCMC and Nuemera to file their defence against the civil suit brought by PKR communications…
Pennsylvania’s attorney general sues Uber over 2016 data breach
Harper Neidig reports that the Pennsylvania Attorney General is suing Uber over its 2016 data breach. The following is the state’s press release: HARRISBURG – Pennsylvania Attorney General Josh Shapiro today filed a lawsuit against Uber Technologies, Inc. for violating Pennsylvania’s data breach notification law. Uber knew for more than a year that a data breach potentially impacting…
SEC Issues Updated Guidance on Public Company Cybersecurity Disclosures
Laura E. Goldsmith of Proskauer writes: On February 21, 2018, the Securities and Exchange Commission (SEC) issued an interpretive Commission Statement and Guidance on Public Company Cybersecurity Disclosures (the “Guidance”) to assist public companies in meeting their cybersecurity disclosure requirements under the federal securities laws. The Guidance notes that, as reliance on networked systems and the Internet have…
Point-of-Sale Breach Confirmed at Some Applebee’s Locations
David Bisson reports: It’s confirmed that some locations of the Applebee’s restaurant chain suffered a point-of-sale (POS) breach involving customers’ payment card data. On 2 March, RMH Franchise Holdings (RMH) issued a notice of data incident on its website. The statement explains how RMH, a franchisee of Applebee’s which operates more than 150 restaurant locations,…