Libbie Canter, Anna D. Kraus, and Rebecca Yergin of Covington & Burling write: California Attorney General Xavier Becerra (“AG”) announced in September a settlement against Glow, Inc., resolving allegations that the fertility app had “expose[d] millions of women’s personal and medical information.” In the complaint, the AG alleged violations of certain state consumer protection and privacy laws, stemming from privacy…
Category: Of Note
State Financial Regulators Issue Ransomware Mitigation Tool
Kimberly Peretti, Amy Mushahwar, and Alysa Austin of Alston & Bird write: On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware. The R-SAT is a detailed questionnaire designed to evaluate the…
Ca: Western students alerted about security breach at exam monitor Proctortrack
Andrew Lupton reports: A security breach of Proctortrack, the software Western University uses to monitor student exams remotely, is adding new fuel to a debate raging on campus over privacy concerns about the program. Proctortrack allows students to be monitored to prevent cheating while they take exams at home using their own computers. The program…
GAO: DATA SECURITY: Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm
DATA SECURITY: Recent K-12 Data Breaches Show That Students Are Vulnerable to Harm GAO-20-644: Published: Sep 15, 2020. Publicly Released: Oct 15, 2020. Schools and school districts collect and store a lot of personal information about their students. But are K-12 institutions adequately securing student data? We found: Thousands of K-12 students had their personal information…
Privacy nightmare for Toledo Public Schools: Hackers dumped student and employee data
By mid-September, it was clear that school districts were under increased threat of ransomware attacks. In fact, when Clark County School District (CCSD) in Las Vegas and Fairfax County Public Schools (CFPS) in Virginia were added to the Maze cartel’s leak site, it seemed to portend potentially big data dumps. Since that dump, Maze dumped…
Twitter hackers trick employees by posing as IT workers, NY probe finds
Noah Manskar reports: A simple phone scam was the key first step in a Twitter hack that took over dozens of high-profile accounts this summer, New York regulators say. The hackers responsible for the July 15 attack called Twitter employees posing as company IT workers and tricked them into giving up their login credentials for the social network’s internal tools, the state’s Department of…