Rhys Dipshan writes: Call it the summer of vendor security mishaps. In June, a data firm hired by the Republican National Committee inadvertently exposed the personal information of almost 200 million American voters by misconfiguring an Amazon cloud server. A month later, Verizon’s customer service vendor NICE Systems made the same mistake and exposed data…
Category: Of Note
Hong Kong’s Privacy Commissioner Welcomes the Enactment of the Apology Ordinance
(14 July 2017) The Privacy Commissioner for Personal Data, Hong Kong (“Privacy Commissioner”) Mr Stephen Kai-yi WONG welcomed the passing of the Apology Bill by the Legislative Council yesterday (13 July). Mr Wong said, “The enactment of the Apology Ordinance will generally help to protect persons who wish to make an apology without fear of…
Veterans Administration responds to Freedom of Information request; releases breach reports
So what did we miss because the Veterans Administration stopped posting their monthly breach reports to Congress on their web site? DataBreaches.net filed a Freedom of Information request on June 7, and the VA has responded by providing all of the requested monthly reports for the period May, 2016 – June 7, 2017. As an…
Bupa IPMI notifies customers of insider breach; former employee claimed to have 1million records for sale on dark web
Over on Hot for Security, Graham Cluley beat me to the punch on reporting an insider breach involving Bupa. You can begin by watching Bupa’s public notice, and then read Graham’s report for some more information. Of note, he reports: In all, around 108,000 international health insurance policies are said to be affected. An email…
Menlo Park dental practice notifies patients of hack and ransom demand
The following is one of the best notification letters I have ever read. I have sent an email to Dr. Yaley to ask a few questions for clarification and follow-up purposes, as some of this sounds like it could be the work of TheDarkOverlord. Regardless of who the attackers are, however, the notification letter below could…
Israeli startup tracks behavior to outsmart hacker bots
Micah Danney reports: You might think of hackers as people sitting at computers, but custom software applications, or bots, can be the ones doing the dirty work. Bots automate the business of hacking, tearing through massive troves of stolen account data, for example, or bombarding website login pages with passwords, probing for hits. Enter Unbotify,…