A woman was recently convicted of knowingly accessing health information of seven people in contravention of the Health Information Act (HIA). On Feb. 5, Denise Tourneur pleaded guilty to illegitimately accessing the health information of seven individuals on 44 separate occasions at the Kaye Edmonton Clinic where she worked. The situation stemmed from a breach discovered by…
Category: Of Note
ASUS Settles FTC Charges That Insecure Home Routers and “Cloud” Services Put Consumers’ Privacy At Risk
Taiwan-based computer hardware maker ASUSTeK Computer, Inc. has agreed to settle Federal Trade Commission charges that critical security flaws in its routers put the home networks of hundreds of thousands of consumers at risk. The administrative complaint also charges that the routers’ insecure “cloud” services led to the compromise of thousands of consumers’ connected storage devices, exposing…
Thinking about incident response
So I woke up to find that uKnowKids had issued a statement yesterday about their exposed database, an exposure that had been uncovered by and reported to them by Chris Vickery. Regular readers of this blog will recognize Chris’s name by now, as he’s uncovered a number of misconfigured databases that have been investigated by…
uKnowKids responds to reports of exposed database
uKnowKids has responded to reports that their database was exposed. As reported yesterday on this site, the details of 1,740 children being tracked by their software as well as other details were exposed in a misconfigured MongoDB installation. The exposed data included text messages and images from and to the children. The exposure was discovered by Chris…
You Can’t Hide Behind Your EULA
In response to VTech’s controversial new EULA in the wake of their massive data breach, Cooley LLP has a commentary. Here are some excerpts: Apart from being a bit mean, it goes against the basic principles of data protection and consumer law in the UK. The Data Protection Directive 95/46 EC places obligations on the…
uKnowKids database exposed personal and location info of 1,740 kids (Update1)
A misconfigured database from a child tracking & monitoring firm exposed over 6.8 million private child text messages, 1.8 million images (many depicting children), and over 1700 in-depth child profiles. uKnowKids monitoring software advertises that it “Makes Parenting Easier, and Keeps Kids Safe Online and on the Mobile Phone.” On its web site, it claims that it has helped parents protect…