Shashank Shekhar reports: Damning details related to Aadhaar card security have emerged after the Uttar Pradesh Special Task Force on Sunday arrested 10 members of a gang allegedly involved in issuing fake biometric cards. Investigators told Mail Today that the gang members had not only hacked the secure ‘source code’ to access the application but…
Category: Of Note
Translate.com Exposes Highly Sensitive Information in Massive Privacy Breach: NRK (Updated)
Update: On September 11, DataBreaches.net received a response from Translate.com, which appears at the bottom of this post. Florian Faes writes: How would you feel if your letter of resignation were posted online? Or sensitive parts of your employment contract? Or details of that M&A deal you have been working on with an investment bank?…
Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers
Uh oh. Todd Haselton reports: Equifax, which supplies credit information and other information services, said Thursday that a data breach could have potentially affected 143 million consumers in the United States. The population of the U.S. was about 324 million as of Jan. 1, 2017, according to the U.S. Census Bureau, which means the Equifax…
Lenovo Settles FTC Charges it Harmed Consumers With Preinstalled Software on its Laptops that Compromised Online Security
From the Federal Trade Commission: Lenovo Inc., one of the world’s largest computer manufacturers, has agreed to settle charges by the Federal Trade Commission and 32 State Attorneys General that the company harmed consumers by pre-loading software on some laptops that compromised security protections in order to deliver ads to consumers. In its complaint, the…
FTC Settles GLBA Enforcement Action Against TaxSlayer Stemming From 2015 Data Breach
We haven’t seen many data security enforcement actions under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, but a recent case is a good opportunity to remind entities that they may be covered by it even if they didn’t know it. Edward McAndrew, Kim Phan, and Zaven Sargsian of Ballard Spahr write: The Federal Trade Commission (FTC)…
BroadSoft Inc. left millions of partners’ customer data records exposed
Bob Diachenko of Kromtech Security reports: One of the top companies that provides cloud-based unified communications has just leaked more than 600GB of sensitive files online. The Kromtech Security Center has discovered not just one but two cloud-based file repositories (AWS S3 buckets with public access) that appear to be connected to the global communication…