Kyodo News reports: Some 12.6 million cases involving the leak of personal information were confirmed or suspected in the nation last year due to cyberattacks against companies and other entities, a Kyodo News survey showed Monday, affecting roughly 1 in 10 people. The figure marked a sixfold increase from the 2.07 million cases in 2015,…
Category: Commentaries and Analyses
Chicago Public Schools exposed confidential student information – again!
Lauren FitzPatrick reports: Confidential information about Chicago Public Schools students — including medical conditions and dates of birth — was kept on unsecured web documents that anyone could call up despite laws and CPS rules that are supposed to safeguard children’s privacy. Some of the personal, identifiable information involved requests for certain ongoing nursing services…
Aadhaar biometric data breaches trigger privacy concerns
Suranjana Roy, Komal Gupta, and Apurva Vishwanath report: A case of Aadhaar data breach has caused privacy concerns and raised questions over the security of biometric data in possession of the Unique Identification Authority of India (UIDAI). […] The UIDAI filed a police complaint on 15 February against Axis Bank Ltd, business correspondent Suvidhaa Infoserve…
Yahoo responds to Senators’ questions about breaches
Yahoo has responded to the letter sent by Republican Senators John Thune, Commerce Committee Chairman, and Jerry Moran, Consumer Protection, Product Safety, Insurance and Data Security Subcommittee Chairman. The letter had been sent because the senators felt they weren’t getting enough cooperation from the firm. You can read Yahoo’s response here (pdf). See what you think. The firm…
How to Bury a Major Breach Notification
There are ways to bury a breach disclosure other than waiting until after 3 pm on the Friday of a holiday weekend. Brian Krebs reports: Amid the hustle and bustle of the RSA Security Conference in San Francisco last week, researchers at RSA released a startling report that received very little press coverage relative to its overall…
Vets lose privacy lawsuit against VA after unencrypted data is stolen from hospital
Patrick O’Neill reports: After multiple thefts and data breaches related to the unencrypted personal information of 7,400 U.S. veterans out of a Veterans Affairs hospital, an appeals court dismissed a lawsuit this month in which patients alleged violations of the Privacy Act and Administrative Procedure Act. The veterans claimed at least seventeen more data breaches have occurred at Wm….