Chuang Shu-chung reports: … One Chinese “white hat” hacker group, wooyun.org, found 13 models of Chinese-made smartwatches with defects in their information security management systems. The group said hackers could easily break into the smartwatch’s system and steal the wearer’s personal information and tracking history. In other words, the watch could have precisely the opposite…
Category: Commentaries and Analyses
5 things the FTC should do to improve data security in the wake of Wyndham
Dan Solove and Woody Hartzog have 5 suggestions for how FTC could use its authority to improve data security: Here’s how we think the FTC should use its authority to drive important change: 1. Do more proactive enforcement 2. Take on more data security cases 3. Push companies toward improved authentication – moving beyond mere passwords 4….
How Encryption Can Help Protect Your Personal Information
Commissioner Terrell McSweeny of the FTC writes: High profile car hacks, large-scale breaches of intimate information, news of compromised household appliances — hardly a day passes without some revelation of the ways in which our increasing interconnectedness is introducing new vulnerabilities into our lives. Technology is advancing at a rapid clip, and so are breaches….
FTC gives Feds the finger over backdoor encryption demands
Kevin McCarthy reports: The US Federal Trade Commission (FTC) has fired a second shot at the Feds over its demand for backdoors in encryption systems. Following a blog post last month by the regulator’s CTO in which he outlined why he was glad to have strong firmware encryption after his laptop was stolen, today FTC Commissioner Terrell…
Even encrypted medical record databases leak information
Jeremy Kirk reports: A new study from Microsoft researchers warns that many types of databases used for electronic medical records are vulnerable to leaking information despite the use of encryption. The paper, due to be presented at the ACM Conference on Computer and Communications Security next month, shows how sensitive medical information on patients could be…
UCLA Health notifying patients of stolen laptop containing personal health information; third breach report in as many months?
Hard to believe, but UCLA Health is notifying patients of yet another data breach. From a notice issued today: UCLA Health is sending notification letters to 1,242 individuals about the theft of a laptop computer containing patient names, medical record numbers, and health information used to help prepare patient treatment plans. No social security numbers,…