So I woke up to find that uKnowKids had issued a statement yesterday about their exposed database, an exposure that had been uncovered by and reported to them by Chris Vickery. Regular readers of this blog will recognize Chris’s name by now, as he’s uncovered a number of misconfigured databases that have been investigated by…
Category: Commentaries and Analyses
You Can’t Hide Behind Your EULA
In response to VTech’s controversial new EULA in the wake of their massive data breach, Cooley LLP has a commentary. Here are some excerpts: Apart from being a bit mean, it goes against the basic principles of data protection and consumer law in the UK. The Data Protection Directive 95/46 EC places obligations on the…
South Korean government to scrap password-based authentication for online banking
Park Han-na reports: Korean bank customers will soon be able to make online transactions without using security cards or one-time passwords (OTP) as the government is seeking ways to make online payments easier so as to drive innovation in the sector, financial authorities said Sunday. […] The move is expected to encourage financial institutions to…
California Attorney General Releases Report Defining “Reasonable” Data Security
I’ve previously posted a link to a report by the California Attorney General on breaches in California and recommendations, but I like that this post by Hunton & Williams focuses on the how the recommendations relate to “reasonable security:” Importantly, the Report states that, “[t]he failure to implement all the [Center for Internet Security’s Critical Security]…
VTech not backing down on terms change after data breach
Maria Korolov reports: Despite widespread public condemnation, Hong Kong toy maker VTech is not backing down from a change in its Terms and Conditions ducking its responsibilities in the event of a breach. European customers now have to agree to a Terms of Service that includes the following sentence: “You acknowledge and agree that any…
HHS OIG audit of SC Medicaid system revealed significant problems
Seanna Adcox of AP reports A four-decade-old computer system and poor safety measures at South Carolina’s Medicaid agency exposed the personal health information of roughly 1 million residents to risk of cybertheft, according to a federal report released Friday. The findings by the U.S. Department of Health and Human Services’ Office of Inspector General include…