From the get-of-jail-free dept., Freddie Whittaker reports: Dozens of schools that breached data protection rules have walked away without punishment, despite being reported to the information watchdog. New figures obtained exclusively by Schools Week show that during the past school year the Information Commissioner’s Office (ICO) dealt with 66 reports of breaches by schools of the Data…
Category: Commentaries and Analyses
LifeLock to Pay $100 Million to Consumers to Settle FTC Charges it Violated 2010 Order (Updated)
I had previously reported that LifeLock was negotiating to settle FTC charges that it had violated a 2010 consent order. Now it’s official. From the FTC: LifeLock will pay $100 million to settle Federal Trade Commission contempt charges that it violated the terms of a 2010 federal court order that requires the company to secure…
Hospitals Aren’t the Only Ones Bleeding Health Records
Kaveh Waddell reports on an issue near and dear to my heart: not all entities that collect or store health information are HIPAA-covered entities. Earlier this year, as one example, we saw the Systema Software leak that impacted numerous firms with a wealth of workers compensation claims. And last year, we saw many employees’ wellness data breached…
Number of leaking MongoDB databases increasing: Shodan founder
Yesterday’s news about a MongoDB database belonging to MacKeeper (Kromtech) leaking certainly got a lot of media attention. But now do read John Matherly’s comments on Shodan. Matherly, the founder of Shodan, notes that the number of available, unauthenticated instances of MongoDB has actually increased in the past few months. Of note, he explains that increase is occurring…
Despite warnings earlier this year, tens of thousands of databases continue to leak (update1)
Back in February, some students from the Centre for IT-Security, Privacy and Accountability (CISPA) at Saarland University, Germany made headlines when they reported that they had found approximately 40,000 MongoDB Databases exposed on Port 27017, a port that is open by default in a MongoDB Database installation. Anyone who searches Shodan would be able to easily locate such leaking databases. So what happened after they…
Two apps with health info found leaking: researcher. Part 2: Hzone
This is Part 2 of today’s posts reporting on apps leaking health information. The leaks were shared with DataBreaches.net by researcher Chris Vickery, and this one involves very sensitive health and medical information. Part 1 reported on iFit’s data leak. Screenshots provided to DataBreaches.net on December 8 by Vickery revealed that 4,926 user accounts from Hzone Dating App for HIV-positive…