Dell Cameron reports: Thousands of files containing the personal information and expertise of Americans with classified and up to Top Secret security clearances have been exposed by an unsecured Amazon server, potentially for most of the year. The files have been traced back to TigerSwan, a North Carolina-based private security firm. But in a statement…
Category: Business Sector
FTC Settles GLBA Enforcement Action Against TaxSlayer Stemming From 2015 Data Breach
We haven’t seen many data security enforcement actions under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, but a recent case is a good opportunity to remind entities that they may be covered by it even if they didn’t know it. Edward McAndrew, Kim Phan, and Zaven Sargsian of Ballard Spahr write: The Federal Trade Commission (FTC)…
Hackers claim to have personal info of millions of Instagram accounts, including celebs
Sarah Buhr reports: A group of hackers used a bug earlier this week to scrape the phone numbers and email addresses of six million Instagram accounts and are now selling that information on the web. The hackers mainly targeted celebrities and verified users, including Selena Gomez, who’s account was hacked two days ago. The hackers…
BroadSoft Inc. left millions of partners’ customer data records exposed
Bob Diachenko of Kromtech Security reports: One of the top companies that provides cloud-based unified communications has just leaked more than 600GB of sensitive files online. The Kromtech Security Center has discovered not just one but two cloud-based file repositories (AWS S3 buckets with public access) that appear to be connected to the global communication…
Yahoo must face litigation by data breach victims: U.S. judge
Jonathan Stempel reports: A U.S. judge said Yahoo must face nationwide litigation brought on behalf of well over 1 billion users who said their personal information was compromised in three massive data breaches. Wednesday night’s decision from U.S. District Judge Lucy Koh in San Jose, California, was a setback for efforts by Verizon Communications Inc,…
Instagram alerts high-profile users their data may have been accessed
Selena Larson reports: Instagram is alerting high-profile users that someone could have accessed their phone number and email address through a bug in its software. In an email sent to verified users on Wednesday, Instagram said that no account passwords were accessed, and the bug has been fixed. It is reminding those people to use…