Amanda Bronstad reports: AshleyMadison.com’s parent company is hoping to knock out more than 20 class actions filed over its 2015 data breach by invoking online arbitration agreements the plaintiffs signed when they subscribed to its matchmaking services. The move to arbitrate comes after Avid Life Media Inc., which has been rebranded as Ruby Corp., agreed…
Category: Business Sector
PH: ‘Comeleak’: Poll chief rapped for data breach, may face criminal prosecution
Vito Barcelo reports: The National Privacy Commission found the Commission on Elections liable for violating the Data Privacy Act of 2012 and recommended the criminal prosecution of Chairman J. Andres D. Bautista for “the worst recorded breach on a government-held personal database in the world” last March. In a decision, dated Dec. 28, on NPC Case…
Box.com plugs account data leakage flaw
Tom Spring writes: Box.com has changed the way it handles publicly shared accounts and folders after a researcher found confidential documents and data belonging to Box.com users via Google, Bing and other search engines. While Box.com maintains this is a case of its customers unintentionally over-sharing, it says it has “fixed” the issue. The problem…
Customer records from used car dealership found dumped in Detroit’s Brightmoor area
If you were a customer of Get Fresh Auto in Detroit, you may want to read a report by Randy Wimbley for Fox2. Contacted after a watchdog found customer information just dumped on a debris-littered street, the used car dealership’s owner’s responses to the reporter’s questions about how the papers wound up there reminded me of Sgt. Schultz in Hogan’s Heroes. “As soon…
Changing other people’s flight bookings is too easy
Lucian Constantin reports: The travel booking systems used by millions of people every day are woefully insecure and lack modern authentication methods. This allows attackers to easily modify other people’s reservations, cancel their flights and even use the refunds to book tickets for themselves, according a team of researchers who analyzed this online ecosystem. Karsten…
UK: Derbyshire computer hacker who broke into a company’s emails is now helping it get secure
Kit Sandeman reports that a 24-year-old man from London who was arrested after targeting an unnamed organization in Derbyshire has been given a “restorative justice” option: The man admitted accessing email accounts by using information found on social media sites such as LinkedIn and Facebook to identify targets, and bypass their security questions. This then…