Oops. Auburn University discovered that students’ personal information – names, postal and email addresses, dates of birth, Social Security numbers, and students’ academic information – was exposed on the Internet between September 1, 2014 and March 2, 2015 when they discovered the problem. No financial information, bank account or payment card information was involved. While the university…
Category: Of Note
FL: Convicted felon hijacks charity – and the state can’t stop it?
Adam Walser reports that a former volunteer at the non-profit Kingdom Purpose, Teach One Reach One after-school program was allegedly able to hijack ownership of the charity by altering public information on the Florida Department of State sunbiz.org website. And there’s little the Department of State says they can do about it. The former volunteer, Sabrina Miller-White, who had been convicted on…
FTC and Wyndham Present Arguments on Whether FTC has Declared Unreasonable Cybersecurity Practices Unfair
Katherine Gasztonyi writes: On Friday, March 27, 2015, the Federal Trade Commission and Wyndham Worldwide Corp. filed supplemental briefing in the Third Circuit regarding whether the FTC had made an adjudicative decision that the FTC Act prohibits unreasonable cybersecurity practices and, if not, whether a federal court could hear a case charging a violation of the FTC Act…
5 Biggest Hosting Companies hacked by Syrian Electronic Army
Swati Khandelwal reports: Once again, Syrian Electronic Army (SEA) has gain media attention by compromising a number of popular web hosting brands of one of the leading web-hosting companies Endurance International Group INC that manages over 60 different hosting brands. SEA, a pro-hacker group supposed to be aligned with Syrian President Bashar al-Assad, is famous for hacking…
Florida Department of State exposes non-confidential voter information (updated)
Update: The Florida Department of State issued a statement on March 31 confirming the breach. That statement appears elsewhere on this site. Under the language of their statute, addresses are not considered “confidential” information, and the state has asked DataBreaches.net to make clear that this did not involve confidential information, as “confidential” is defined by…
Ontario’s sole health privacy prosecution quietly dismissed
Olivia Carville reports: The first person ever prosecuted under Ontario’s health privacy law for allegedly prying into almost 6,000 patient records no longer faces charges because of the “curious” way the Crown handled the case, a court has ruled. Against a backdrop of growing calls for more prosecutions under this law, the potentially precedent-setting case…