In January, 2012, Zappos announced that they were notifying more than 24 million consumers to change their passwords following a hack. In the months that followed, a to-be-predicted lawsuit was filed, and state attorneys general started investigating. Eventually, Zappos settled with states, and the class-action lawsuit was dismissed in 2015. Whew, right? Not so fast, though. Ross Todd…
Category: Of Note
A.G. Schneiderman Announces $575,000 Settlement With EmblemHealth After Data Breach Exposed Over 80,000 Social Security Numbers
March 6 – Attorney General Eric T. Schneiderman today announced a settlement with healthcare provider EmblemHealth and wholly owned subsidiary Group Health Incorporated (“EmblemHealth”) after the company admitted a mailing error that resulted in 81,122 social security numbers being disclosed on a mailing. In addition to paying a $575,000 penalty, EmblemHealth agreed to implement a Corrective…
Apple Employee Threatens to Leak User’s iCloud Data
Chen Na reports: “Your personal data belongs to you, not others,” reads a bold declaration on Apple’s webpage for user privacy. But for one Chinese customer, this proved not to be the case after an Apple tech support employee threatened to leak his photos, contacts, emails, and memos online. An article describing how the Apple…
Waltham Forest Council has breached data protection laws
Alice Richardson reports: A Waltham Forest Council employee uploaded a video containing “sensitive information” to Youtube, a report filled with damning personal data breaches has revealed. The report by private consultants Agilisys noted the council is currently not currently compliant with data protection regulations. It also shows how personal information was wrongly disclosed 18 times…
Event: Fireside Chat: Chilling Effects on Security Research
By Center for Democracy & Technology DESCRIPTION For many years, security researchers, infosec experts, and hackers have faced negative consequences such as legal threats and prosecution for simply doing their jobs. These so-called “chilling effects” have reached near-mythical status, and the level of understanding of potential risks varies throughout the tech policy community. Please join…
Pennsylvania’s attorney general sues Uber over 2016 data breach
Harper Neidig reports that the Pennsylvania Attorney General is suing Uber over its 2016 data breach. The following is the state’s press release: HARRISBURG – Pennsylvania Attorney General Josh Shapiro today filed a lawsuit against Uber Technologies, Inc. for violating Pennsylvania’s data breach notification law. Uber knew for more than a year that a data breach potentially impacting…