Jim Wilson reports: The security research team at Safety Detectives has discovered a significant data leak in addition to other security flaws (such as lack of password protection) relating to fingerprint data on an Antheus log server in Brazil. Our team, led by Anurag Sen, discovered almost 2.3 million data points in total and estimates that…
Category: Of Note
Israeli spyware company accused of WhatsApp hack: Facebook lied in lawsuit
Tal Shahaf of Reuters reports: A fierce legal battle between Facebook and Israeli cyber security firm NSO ramped up this week with the latter telling a California court that the social media giant lied about providing material related to its lawsuit against the high-tech firm. Facebook is suing NSO for allegedly spying on smartphone users…
NY SHIELD Act Data Security Requirements Effective This Month
Julia K. Kadish of Sheppard Mullin writes: Businesses collecting personal information from New York residents will soon be expected to apply enhanced data security requirements. The New York SHIELD Act, signed into law in July 2019, expanded breach notice requirements in October 2019. Now, On March 21, 2020, the remaining provisions related to data security will…
All bets off as children’s data is leaked
ITPro reports: The way that the Department for Education (DfE) handles sensitive data on children and students needs a thorough independent investigation, experts argue, following revelations that one of its datasets had been used to help betting companies target new customers. The data scare was flagged in an investigation by The Sunday Times, but IT Pro’s sister…
Alleged Russian hacker on trial Monday for 2012 LinkedIn, Dropbox hacks
Laura Hautala reports: Everyone makes cybersecurity mistakes. Yevgeniy Nikulin, a Russian national accused of some of the biggest hacks in recent history, is no exception, prosecutors say. Nikulin allegedly stole millions of usernames and passwords by breaching systems at LinkedIn, DropBox and Formspring in 2012. He also attempted to sell hacked information on online black…
PA: Liability claim remains against UPMC Susquehanna in medical records ‘snooping ‘ case
John Beauge reports: A Lycoming County judge has refused to dismiss a vicarious liability claim against UPMC Susquehanna that is being sued because an employee accessed the medical records of a co-worker without authorization. Judge Eric R. Linhardt on Wednesday rejected UMPC’s claim it was not liable because Taylor Fausnaught failed to state any claim…