Vincent Manancourt reports: Your order history. Your credit card information. Even your intimate health data. Amazon is amassing an empire of data as the online retailer ventures into ever more areas of our lives. But the company’s efforts to protect the information it collects are inadequate, according to insiders who warn the company’s security shortfalls…
Category: Of Note
Over 8 million COVID-19 test results leaked online
Ax Sharma reports: … Last month, BleepingComputer exclusively reported that multiple Indian government websites were leaking COVID-19 patient test reports. This week, security researcher Sourajeet Majumder has shared with BleepingComputer his discovery of another government website exposing millions of COVID-19 test results. Read more on BleepingComputer.
“Without Undue Delay,” Friday edition
The Jacobson Memorial Hospital & Care Center had a breach last year that they are first disclosing this week. Here’s the chronology, based on a statement from their external counsel: July 28, 2020 — One employee’s email account is compromised and used to send out spam. August 5, 2020 — Hospital manages to kick bad…
TikTok Will Pay $92M to Settle Lawsuit Over Personal Data ‘Theft’
Stephanie Milot reports: TikTok has agreed to pay $92 million to settle a class-action lawsuit alleging the social network collected users’ biometric information and personal data without consent and shared it with third parties. The proposed settlement applies to 89 million TikTok members in the US whose personal data was allegedly tracked and sold to advertisers in…
French Regulator Lambasts Health Firms Over Mass Data Leak
Helene Fouquet reports: France’s privacy watchdog said it’s investigating the leak of sensitive health data on half a million people and said the companies involved could face heavy penalties if they don’t come forward with details of the breaches. The leaks were of “particularly significant magnitude and severity,” the CNIL said in a statement. Hackers may have…
Lazarus targets defense industry with ThreatNeedle
Vyacheslav Kopeytsev and Seongsu Park write: We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking a closer look,…