It feels like it’s been a while since we’ve seen an FTC data security case (well, apart from Zoom’s issues). Today, FTC issued a press release about a settlement stemming from SkyMed International’s misconfigured elastic search instance that exposed more than 130,000 people’s information. The exposed data were discovered by Jeremiah Fowler and reported in…
Category: Business Sector
Spotify notifies customers of breach, files under CCPA
Steve Zurier reports: Streaming service Spotify has notified an unspecified number of its customers of a data breach, responding by resetting passwords on the accounts that were attacked. […] In a breach notification letter dated Dec. 9 to its customers and filed with the California attorney general, Spotify said the company discovered the vulnerability on its system…
Hackers at center of sprawling spy campaign turned SolarWinds’ dominance against it
Raphael Satter and Christopher Bing have a somewhat mind-boggling update to the SolarWinds hack – a hack that will be remembered as one of the biggest and most concerning hacks of 2020. And it’s only likely to get worse for SolarWinds, whose stock already dropped significantly. We know that companies can recover from breaches and…
Huber & Suhner victim of cyber attack, production stands still
Swiss iTMagazine reports (translated): The industrial company Huber & Suhner from Herisau was the victim of a cyber attack. All of the company’s production facilities are currently closed worldwide. Read more on Swiss itMagazine. The attack was first reported on fuw.ch h/t, @Chum1ng0
Promutuel Assurance’s IT systems disabled by cyberattack
Lyle Adriano reports: Promutuel Assurance has been the target of a cyberattack that made the company’s critical IT systems unavailable for use. The insurer said in a release that as soon as the incident was brought to its attention on Saturday it quickly had a team of experts conduct an in-depth investigation to find out…
Data Protection Commission announces decision in Twitter inquiry
15th December 2020 The Data Protection Commission (DPC) has today announced a conclusion to a GDPR investigation it conducted into Twitter International Company. The DPC’s investigation commenced in January, 2019 following receipt of a breach notification from Twitter and the DPC has found that Twitter infringed Article 33(1) and 33(5) of the GDPR in terms…