Hunton Andrews Kurth writes: On April 11, 2019, the People’s Republic of China’s Network Security Bureau of the Ministry of Public Security, the Beijing Network Industry Association and the Third Research Institution of the Ministry of Public Security jointly released a “Guide to Protection of Security of Internet Personal Information (the “Guide”). The Guide presents…
Category: Of Note
Over Dozen Popular Email Clients Found Vulnerable to Signature Spoofing Attacks
Swati Khandelwal reports: A team of security researchers has discovered several vulnerabilities in various implementations of OpenPGP and S/MIME email signature verification that could allow attackers to spoof signatures on over a dozen of popular email clients. The affected email clients include Thunderbird, Microsoft Outlook, Apple Mail with GPGTools, iOS Mail, GpgOL, KMail, Evolution, MailMate,…
In the process of notifying patients of a web exposure breach, Inmediata experiences a mail exposure breach?!
Reading the comments under the Inmediata press release is like watching a train wreck happen right in front of you. Many people are reporting that they have received multiple notification letters from Inmediata — many with the names of people who are unknown to them and who do not live at their address. One person…
SEC Warns Advisers Over Privacy Compliance Issues
Craig A. Newman of Patterson Belknap writes: The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections and Examinations (OCIE), a laundry list of compliance “deficiencies or weaknesses” were identified in…
Report: Unknown Data Breach Exposes 80 Million US Households
vpnMentor’s research team discovered a hack affecting 80 million American households. Known hacktivists Noam Rotem and Ran Locar discovered an unprotected database impacting up to 65% of US households. Hosted by a Microsoft cloud server, the 24 GB database includes the number of people living in each household with their full names, their marital status,…
Employee behind DJI data leak on Github sentenced to prison and fined
Jill Shen reports: A former employee of Chinese drone maker DJI was sentenced to six months in prison and fined RMB 200,000 [almost $30,000.00 USD] for unauthorized disclosure of the company’s data to code-sharing platform Github, according to the prosecutor involved in the case. The office of the People’s Procuratorate of Shenzhen posted on messaging app WeChat…