CBC News reports: The province’s ombudsman says Manitoba Health didn’t do enough to mitigate the risks of a privacy breach. That was Charlene Paquin’s finding in a report detailing the investigation of an employee who accessed the medical records of his estranged daughter, colleagues and some senior public officials. The ombudsman’s report, released Tuesday, included 11 recommendations, including hiring…
Category: Of Note
New Report: The Geography of Medical Identity Theft
Pam Dixon and John Emerson have authored a new report from the World Privacy Forum: The Geography of Medical Identity Theft. From the report: Summary of Findings and Recommendations This report finds that medical identity theft is growing overall in the United States, however, there’s a catch. The consumer complaint data suggests that the crime…
eBay Privacy Breach Exposes Customer Names on Google (Updated)
Ina Steiner reports: In what appears to be a major breach of customer privacy, eBay is exposing customers’ real first and last names, as well as the items they’ve purchased, publicly on Google. While the idea that your real name is exposed in a product review you left for a benign product like clothing or…
Superseding indictment filed in Justin Shafer case
As anticipated, federal prosecutors have filed a superseding indictment in their case against dental integrator and vulnerability researcher Justin Shafer. For those in a rush, the TL;DR version is that they have basically transformed a bullshit two-count indictment into a bullshit three-count indictment. [For the benefit of law enforcement in Texas, that preceding sentence is…
Ashley Madison takes your privacy very seriously…. until they don’t…
Thomas Fox-Brewster reports: Despite the catastrophic 2015 hack that hit the dating site for adulterous folk, people still use Ashley Madison to hook up with others looking for some extramarital action. For those who’ve stuck around, or joined after the breach, decent cybersecurity is a must. Except, according to security researchers, the site has left photos of…
Uber paid 20-year-old Florida man to keep data breach secret – sources
Joseph Menn and Dustin Volz report: A 20-year-old Florida man was responsible for the large data breach at Uber Technologies Inc [UBER.UL] last year and was paid by Uber to destroy the data through a so-called “bug bounty” program normally used to identify small code vulnerabilities, three people familiar with the events have told Reuters….