Catalin Cimpanu reports: Chinese companies have leaked a whopping 590 million resumes in the first three months of the year, ZDNet has learned from multiple security researchers. Most of the resume leaks have occurred because of poorly secured MongoDB databases and ElasticSearch servers that have been left exposed online without a password, or have ended up online…
Category: Of Note
The Anatomy of an FTC Data Security Lawsuit
Anne Bolamperti and Patrick X. Fowler of Snell & Wilmer write: The Federal Trade Commission (“FTC”) has described itself as “Your cop on the privacy beat” and a top federal regulator of consumer-facing data security practices. An example of how the FTC asserts itself when it comes to data security and privacy associated with Internet…
Is a third-party incident about to fuel a health insurance fraud ring?
Despite the fact that we are constantly bombarded with reports of breaches, there are even more breaches that seem to escape media coverage. I’ve been wondering about whether something I noticed recently might be something that will be used to fuel an insurance fraud operation. My curiosity was triggered when I read a notification from…
“Team_Orangeworm” issues new threats to CarePartners
Hackers who claimed to have stolen all of a Canadian home healthcare agency’s patient and employee data have issued a deadline and new threat to their victim: either pay us or we will start contacting your patients and giving data to the Ontario privacy commissioner’s office. And to prove their claim that they have sensitive…
PA: Bill Targets Data Security of State Agencies, Municipalities and School Districts
Thomas S. Markey writes: On Feb. 19, a bill was introduced in the Pennsylvania Senate proposing to amend the Pennsylvania Breach of Personal Information Notification Act to add new breach notification requirements for state agencies and political subdivisions of the commonwealth. Enacted in 2005, the act (73 P.S. Section 2301 et seq.) applies to commonwealth…
More than 540 million Facebook app datasets found exposed – UpGuard researchers
UpGuard reports: The UpGuard Cyber Risk team can now report that two more third-party developed Facebook app datasets have been found exposed to the public internet. One, originating from the Mexico-based media company Cultura Colectiva, weighs in at 146 gigabytes and contains over 540 million records detailing comments, likes, reactions, account names, FB IDs and…