Fred Donovan reports: June 25, 2018 – US District Court Judge Rudolph Contreras dismissed a lawsuit by Hope Lee-Thomas accusing LabCorp of a HIPAA violation for not providing adequate privacy protections at its Providence Hospital computer intake station. Lee-Thomas argued in her lawsuit that LabCorp failed to shield her PHI from public view at its computer…
Category: Commentaries and Analyses
Comcast fixes another Xfinity website data leak
Zack Whittaker reports: A little-known page on Comcast’s Xfinity website was exposing customers’ account information to anyone — or any app — on a customer’s network. An anonymous security researcher dropped ZDNet an email, explaining that an API used by the internet giant could be tricked into returning customer data, including account numbers, a customer’s…
Apple comments on erroneous reports of iPhone brute force passcode hack
Rene Ritchie reports: Update: Apple has provided me with the following statement, which should close the door on speculation surrounding this purported exploit: “The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing” Yesterday, a security researcher reported on a possible brute-force passcode attack that affected iPhone…
FBI Publishes its 2017 Internet Crime Report
Justin Hemmings of Alston & Bird writes: The FBI recently published its 2017 Internet Crime Report highlighting trends and statistics compiled by the FBI’s Internet Crime Complaint Center (“IC3”) during 2017. The report compiles data from a total of 301,580 complaints which reported losses of over $1.4 billion. In addition to an explanation of the…
Aadhaar Security Failure: Government Webpages Provide Unsecured Access To Demographic Authentication
Aria Thaker reports: In another exposure of Aadhaar’s cybersecurity weaknesses, over 70 subdomains under a Government of India website are providing access to demographic-authentication services without requiring identity verification from the requester. The websites allow users to access an application programming interface, or API, in which anyone can enter a person’s Aadhaar number, name, gender…
A hacker figured out how to brute force iPhone passcodes (or did he?)
June 24 Update: It seems that there were errors made. Rene Ritchie reports: Update: Apple has provided me with the following statement, which should close the door on speculation surrounding this purported exploit: “The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing” Read more on iMore….