Kate Conger reports: A pair of hackers discovered a vulnerability in Air Force software that allowed them to gain access to the Department of Defense’s unclassified network—a find that earned them more than $10,000, the largest payout ever in a government bug bounty program. Read more on Gizmodo.
Category: Commentaries and Analyses
LabMD Appeal Has Privacy World Waiting
Craig A. Newman writes: It is the case that could define the scope of the U.S. Federal Trade Commission’s authority in data security. The U.S. Court of Appeals for the Eleventh Circuit heard argument six months ago in LabMD, Inc. v. Federal Trade Commission. As readers of this blog know, the case turns on what…
Still time to cast your vote for worst health data breaches of 2017
So I asked you to let me know what you thought the worst health data breaches of 2017 were. I’ve gotten only a few responses, but they all agree with each other. But let’s hear what you think. You can email me your picks or thoughts at admin[at]databreaches[dot]net or tweet them to me at @PogoWasRight…
Researcher claims LinkedIn ignored security flaw, but did they?
Tom Warren reports: Khalil Shreateh, a self-professed IT expert from Palestine, hit the headlines four years ago when he hacked Facebook CEO Mark Zuckerberg’s wall. Shreateh was frustrated that Facebook was ignoring a big security flaw, so demonstrating it on Zuckerberg’s own Facebook wall was an easy way to get the company to act. Shreateh…
Federal Court Permits Former Employees’ Data Breach Claims to Move Forward
Jeffrey M. Schlossberg writes: A data breach occurs in which an outside individual obtains your company’s employees’ W-2 forms including social security numbers, addresses, and salary information. As a result, your company notifies all affected employees, explains what occurred, and offers a complimentary two-year membership to a service that helps detect misuse of personal information. …
Data Breach at Website with 45 Million Users Discovered During Academic Research
Catalin Cimpanu reports: A team of three researchers from the University of California, San Diego (UCSD) has created a tool that can detect when user-registration-based websites suffer a data breach. The tool, named Tripwire, works on a simple concept. Researchers say that Tripwire registers one or more accounts on websites by using a unique email…