Commentaries and Analyses – Page 535

Aadhaar hearing: Supreme Court expresses concerns with data breaches, Aadhaar security and profiling

Posted on March 28, 2018 by Dissent

It sounds like the Supreme Court of India was asking UIDAD some appropriate questions about the Aadhaar system. Asheeta Regidi reports: On Day 22 of the Aadhaar hearing, the CEO of the UIDAI, Ajay Bhushan Pandey, completed his PowerPoint presentation before the Supreme Court and answered the questioned posed by the petitioners. The bench posed…

32 state Attorneys General to Congress: Don’t replace our stronger privacy laws!

Posted on March 27, 2018 by Dissent

Mike Litt writes: A bipartisan group of 32 state Attorneys General, led by Illinois AG Lisa Madigan, sent a joint letter last week to the House Financial Services Committee leadership against the draft (link includes opposition testimony of Massachusetts Attorney General’s Office) “Data Acquisition and Technology Accountability and Security Act” that PIRG has also been opposing. The bill…

More details emerge on The MENTOR Network breach

Posted on March 27, 2018 by Dissent

On March 21, National Mentor Healthcare, doing business as Georgia MENTOR, announced that they were notifying patients of a data breach. A disk with protected health information mailed to them by a software provider was lost in the mail, they explained. They had reportedly discovered the loss on December 21. They did not disclose when…

“First do no harm” should be “First, secure your patient data, Doctor!”

Posted on March 26, 2018 by Dissent

When they discovered more than 42,000 patient records and millions of patient clinical notes exposed on a misconfigured rsync backup, researchers at UpGuard responsibly set out to notify the entity to secure their data. It turned out to be a Herculean task that would take almost two months and multiple entities to get the job…

UIDAI puffs its chest, threatens ZDNet for the crime of journalism

Posted on March 25, 2018 by Dissent

Here we go again with shooting the messenger. Whenever someone points out leaks, breaches, or vulnerabilities involving Aadhaar data, the UIDAI often responds by denying most claims, and stating that because there’s been no breach of their database, there’s nothing to worry about. Even when there is something to worry about. Now UIDAI is making threatening…

How “Hacker Search Engine” Shodan Caught Leakage of 750MB Worth Of Server Passwords

Posted on March 23, 2018 by Dissent

Update: I missed the original credit/source for this story when I posted it, but do see Dan Goodin’s article on Ars Technica. Original post: Remember Memcached servers? Now, we have another case of servers exposed online and fulfilling evil intentions of the hackers. This time, thousands of etcd servers maintained by corporates and organizations are…