Nick Statt reports: Whisper, an anonymous secret-sharing mobile app that rose to prominence more than half a decade ago, has been inadvertently exposing sensitive information about its users for years through a public online database, according to a new report from The Washington Post. The app, while far from as popular as it was in the few years…
Category: Of Note
Brazil: Millions of Records Leaked, Including Biometric Data
Jim Wilson reports: The security research team at Safety Detectives has discovered a significant data leak in addition to other security flaws (such as lack of password protection) relating to fingerprint data on an Antheus log server in Brazil. Our team, led by Anurag Sen, discovered almost 2.3 million data points in total and estimates that…
Israeli spyware company accused of WhatsApp hack: Facebook lied in lawsuit
Tal Shahaf of Reuters reports: A fierce legal battle between Facebook and Israeli cyber security firm NSO ramped up this week with the latter telling a California court that the social media giant lied about providing material related to its lawsuit against the high-tech firm. Facebook is suing NSO for allegedly spying on smartphone users…
NY SHIELD Act Data Security Requirements Effective This Month
Julia K. Kadish of Sheppard Mullin writes: Businesses collecting personal information from New York residents will soon be expected to apply enhanced data security requirements. The New York SHIELD Act, signed into law in July 2019, expanded breach notice requirements in October 2019. Now, On March 21, 2020, the remaining provisions related to data security will…
All bets off as children’s data is leaked
ITPro reports: The way that the Department for Education (DfE) handles sensitive data on children and students needs a thorough independent investigation, experts argue, following revelations that one of its datasets had been used to help betting companies target new customers. The data scare was flagged in an investigation by The Sunday Times, but IT Pro’s sister…
Alleged Russian hacker on trial Monday for 2012 LinkedIn, Dropbox hacks
Laura Hautala reports: Everyone makes cybersecurity mistakes. Yevgeniy Nikulin, a Russian national accused of some of the biggest hacks in recent history, is no exception, prosecutors say. Nikulin allegedly stole millions of usernames and passwords by breaching systems at LinkedIn, DropBox and Formspring in 2012. He also attempted to sell hacked information on online black…