Note: this report out of the University of Melbourne is a follow-up study related to a breach disclosed in 2016. Allie Coyne reports: Researchers from the University of Melbourne have been able to easily re-identify patients from confidential data released by the federal Health department, without using decryption methods. Dr Chris Culnane, Dr Benjamin Rubinstein…
Category: Of Note
Researcher claims LinkedIn ignored security flaw, but did they?
Tom Warren reports: Khalil Shreateh, a self-professed IT expert from Palestine, hit the headlines four years ago when he hacked Facebook CEO Mark Zuckerberg’s wall. Shreateh was frustrated that Facebook was ignoring a big security flaw, so demonstrating it on Zuckerberg’s own Facebook wall was an easy way to get the company to act. Shreateh…
21st Century Oncology settlement with HHS over 2015 data breach came with a $2.3 million price tag
There’s an update or follow-up to a breach involving 21st Century Oncology that was first reported on this site in March 2016. The breach, which they first learned of in November 2015 when federal agents contacted them, was the second breach in as many years that the entity had neither prevented nor discovered under its…
Federal Court Permits Former Employees’ Data Breach Claims to Move Forward
Jeffrey M. Schlossberg writes: A data breach occurs in which an outside individual obtains your company’s employees’ W-2 forms including social security numbers, addresses, and salary information. As a result, your company notifies all affected employees, explains what occurred, and offers a complimentary two-year membership to a service that helps detect misuse of personal information. …
UK: Hacker known as “‘Courvoisier” pleads guilty to hacking details of 165,000 people from sites including T-Mobile, Uber, and Groupon
Ashitha Nagesh reports: A cybercriminal has admitted hacking companies including Uber, Sainsbury’s and Groupon in order to sell users’ personal data on the dark web. Grant West, 25, got hold of the details of 165,000 customers of the online takeaway service Just Eat over a five month period, between July and December 2015. […] Appearing…
Data Breach at Website with 45 Million Users Discovered During Academic Research
Catalin Cimpanu reports: A team of three researchers from the University of California, San Diego (UCSD) has created a tool that can detect when user-registration-based websites suffer a data breach. The tool, named Tripwire, works on a simple concept. Researchers say that Tripwire registers one or more accounts on websites by using a unique email…