Zack Whittaker reports that Talkspace threatened a researcher who blogged about a problem he found on their site in signing up for a free year’s subscription. John Jackson said he was able to sign up to Talkspace, a popular therapy app, as if he were an employee at one of the companies whose health insurance…
Category: Commentaries and Analyses
Melbourne professor quits after health department pressures her over data breach
Josh Taylor reports: A prominent university professor has quit after the health department pressured her university to stop her speaking out about the Medicare and PBS history of over 2.5 million Australians being re-identifiable online due to a government bungle. In 2016, Vanessa Teague, a cryptographer from the University of Melbourne, and two of her…
US property and demographic database of 200 million records leaked on the web
Paul Bischoff reports: An exposed online database consisting of some 200 million records included a wide range of sensitive personal and demographic data about residents and their properties. Homeowners were identified as well as info about their credit ratings, net worth, and income, among other details. At this time we have not been able to…
Ransomware Attackers Use Your Cloud Backups Against You
Lawrence Abrams reports: Backups are one the most, if not the most, important defense against ransomware, but if not configured properly, attackers will use it against you. Recently the DoppelPaymer Ransomware operators published on their leak site the Admin user name and password for a non-paying victim’s Veeam backup software This was not meant to expose the…
UK: Cathay Pacific Airways Limited fined £500,000 for failing to secure its customers’ personal data
From the ICO: The Information Commissioner’s Office (ICO) has fined Cathay Pacific Airways Limited £500,000 for failing to protect the security of its customers’ personal data. Between October 2014 and May 2018 Cathay Pacific’s computer systems lacked appropriate security measures which led to customers’ personal details being exposed, 111,578 of whom were from the UK, and…
OCR settles complaint against doctor for failure to have appropriate risk assessment and security controls, despite technical assistance
OCR has settled a complaint against a covered entity for violations that first occurred prior to November, 2013, but continued thereafter. Yes, 2013. That’s when Steven A. Porter, M.D., first reported a breach to OCR that involved his business associate Elevation43. According to the complaint Porter filed at the time, and as described by OCR,…