Catalin Cimpanu reports: A team of three researchers from the University of California, San Diego (UCSD) has created a tool that can detect when user-registration-based websites suffer a data breach. The tool, named Tripwire, works on a simple concept. Researchers say that Tripwire registers one or more accounts on websites by using a unique email…
Category: Of Note
Mirai IoT Botnet Co-Authors Plead Guilty
Brian Krebs reports: The U.S. Justice Department on Tuesday unsealed the guilty pleas of two men first identified in January 2017 by KrebsOnSecurity as the likely co-authors of Mirai, a malware strain that remotely enslaves so-called “Internet of Things” devices such as security cameras, routers, and digital video recorders for use in large scale attacks…
Former Manitoba Health employee snooped on records of family, senior public officials: ombudsman
CBC News reports: The province’s ombudsman says Manitoba Health didn’t do enough to mitigate the risks of a privacy breach. That was Charlene Paquin’s finding in a report detailing the investigation of an employee who accessed the medical records of his estranged daughter, colleagues and some senior public officials. The ombudsman’s report, released Tuesday, included 11 recommendations, including hiring…
New Report: The Geography of Medical Identity Theft
Pam Dixon and John Emerson have authored a new report from the World Privacy Forum: The Geography of Medical Identity Theft. From the report: Summary of Findings and Recommendations This report finds that medical identity theft is growing overall in the United States, however, there’s a catch. The consumer complaint data suggests that the crime…
eBay Privacy Breach Exposes Customer Names on Google (Updated)
Ina Steiner reports: In what appears to be a major breach of customer privacy, eBay is exposing customers’ real first and last names, as well as the items they’ve purchased, publicly on Google. While the idea that your real name is exposed in a product review you left for a benign product like clothing or…
Superseding indictment filed in Justin Shafer case
As anticipated, federal prosecutors have filed a superseding indictment in their case against dental integrator and vulnerability researcher Justin Shafer. For those in a rush, the TL;DR version is that they have basically transformed a bullshit two-count indictment into a bullshit three-count indictment. [For the benefit of law enforcement in Texas, that preceding sentence is…