Suranjana Roy, Komal Gupta, and Apurva Vishwanath report: A case of Aadhaar data breach has caused privacy concerns and raised questions over the security of biometric data in possession of the Unique Identification Authority of India (UIDAI). […] The UIDAI filed a police complaint on 15 February against Axis Bank Ltd, business correspondent Suvidhaa Infoserve…
Category: Of Note
Cloudbleed: Big web brands leaked crypto keys, personal secrets thanks to Cloudflare bug
Iain Thomson reports: Big-name websites leaked people’s private session keys and personal information into strangers’ browsers, due to a Cloudflare bug uncovered by Google security researchers. Cloudflare helps companies spread their websites and online services across the internet. Due to a programming blunder, for several months Cloudflare’s systems slipped random chunks of server memory into…
Florida man pleads guilty in attempted hacking of Clinton Foundation
Nate Raymond and Nathan Layne report: A Florida man pleaded guilty in a case stemming from an attempted hacking of the Clinton Foundation on Thursday, months after he was sentenced to 42 years in prison in the wake of child pornography discovered on his computers during the probe. Timothy Sedlak, 43, pleaded guilty in federal…
Police Have Arrested a Suspect in a Massive ‘Internet of Things’ Attack
Lorenzo Franceschi-Bicchierai reports: European police suspect a 29-year-old man of keeping one million people offline. They might have found the person behind the notorious hacker known as BestBuy. At the end of last year, hackers took over hundreds of thousands of home routers using a variant of the infamous Internet of Things malware known as Mirai. Then they rented out…
Will a Pending OCR Rule Impact Breach Class-Action Suits?
Marianne Kolbasuk McGee A pending federal regulation – called for under the HITECH Act – that would allow regulators to share with breach victims money collected in HIPAA violation cases eventually could have implications in class-action breach lawsuits, says privacy attorney Adam Greene. The Department of Health and Human Services’ Office for Civil Rights “is working on a new…
Vets lose privacy lawsuit against VA after unencrypted data is stolen from hospital
Patrick O’Neill reports: After multiple thefts and data breaches related to the unencrypted personal information of 7,400 U.S. veterans out of a Veterans Affairs hospital, an appeals court dismissed a lawsuit this month in which patients alleged violations of the Privacy Act and Administrative Procedure Act. The veterans claimed at least seventeen more data breaches have occurred at Wm….