Dan Goodin reports: A social hangout website for teenage girls has sprung a leak that’s exposing plaintext passwords protecting as many as 5.5 million user accounts. As this post went live, all attempts to get the leak plugged had failed. Operators of i-Dressup didn’t respond to messages sent by Ars informing them that a hacker has already…
Category: Of Note
Oh, how America just loves scandals involving the British royalty
Everyone who knows me knows that I generally don’t wade into the muck and mire of celebrity lives or even hacks of celebrities’ iCloud accounts. I’m staunchly on record that even celebrities have a right to privacy. Over the weekend, though, I wound up interviewing a UK man who had involvement in selling Pippa Middleton’s hacked iCloud…
Newest OCR settlement highlights need to review and update Business Associate Agreements
A newly announced settlement between HHS OCR and Care New England reinforces what DataBreaches.net and Protenus, Inc. have been trying to remind everyone of this week: pay more attention to your business associate agreements and do so regularly. Care New England Health System (CNE), on behalf of each of the covered entities under its common ownership…
A.G. Schneiderman Announces Settlement With Trump Hotel Collection After Data Breaches Expose Over 70K Credit Card Numbers
NEW YORK – Attorney General Eric T. Schneiderman today announced a settlement with Trump International Hotels Management LLC, d/b/a Trump Hotel Collection (“THC”), involving data breaches resulting in the exposure of over 70,000 credit card numbers and other personal data. THC has agreed to pay $50,000 in penalties and to shore up its data security…
500 million Yahoo accounts breached; biggest breach ever publicly disclosed
Kim Hjelmgaard and Elizabeth Weise report: Information from at least 500 million Yahoo accounts was stolen from the company in 2014 and the company believes that a state-sponsored actor was behind the hack. The information may have included names, email addresses, telephone numbers, dates of birth, and, in some cases, encrypted or unencrypted security questions…
Dozens of clinics, thousands of patients impacted by third-party data leak
EMR4all, Inc. was a California business providing free EMR software to physical therapy, speech therapy, and occupational therapy practices that used their associated patient billing service, Rehab Billing Solutions (RBS). Over the summer, they began shutting down operations and notifying their clients of their closure. Their effort to make a graceful exit wound up marred by a data…