ZackWhittaker reports: A bug in Comcast’s website used to activate Xfinity routers can return sensitive information on the company’s customers. The website, used by customers to set up their home internet and cable service, can be tricked into displaying the home address where the router is located, as well as the Wi-Fi name and password….
Category: Commentaries and Analyses
EPIC to DC Circuit: Informational Privacy is a Constitutional Right
From EPIC: EPIC has filed a “friend of the court” brief, joined by forty-four technical experts and legal scholars (members of the EPIC Advisory Board), in the OPM Data Breachcase. The case concerns the data breach at the US Office of Personnel and Management in 2015 that affected 22 million federal employees, their friends, and…
Human error to blame in vast majority of education data breaches
Mark Satter reports: The nation relies on teachers to educate our children and help them when they make mistakes. But when it comes to protecting students’ data, it is often the teachers and school staff who mistakenly let bad actors in to school computer systems, officials say. In a hearing Thursday before the House Committee…
So was TheDarkOverlord really arrested?
Over the past few days, I’ve been asked by many people what I think about reports that Serbian police arrested a member of TheDarkOverlord. Some journalists seem to be going even further and reporting that multiple arrests have been made. I’ve said repeatedly and will repeat it here: I don’t know who did get arrested,…
Steward Must Convince Jury Doc Fired For HIPAA Violation
Chris Villani reports: Steward Healthcare System LLC will need to convince a jury it fired a psychiatrist for violating the Health Insurance Portability and Accountability Act and not because, as the doctor claims, he took disability leave after getting pneumonia, a Massachusetts federal judge ruled Wednesday in denying part of a summary judgment bid. You…
More than 200,000 patients’ records were exposed on MedEvolve’s public FTP server – researcher
Common sense dictates that patients’ protected health information should not be made freely available on FTP servers that have no login required. And yet it still happens, and has happened again. Recently, this site learned of another FTP server exposing patients’ information. This particular FTP server belongs to MedEvolve, an Arkansas company that provides practice management…