Darren Pauli reports: The Tor project has urged calm after new research found 81 percent of users could be identified using Cisco’s NetFlow tool. A research effort led by professor Sambuddah Chakravarty from the Indraprastha Institute of Information Technology in Delhi found that well-resourced attackers such as a nation-state could effectively reveal Tor users’ identity…
Category: Of Note
Retailers are skirting data security issue, NAFCU, trades tell Congress
The National Association of Federal Credit Unions writes: Retailer groups’ data security arguments are “inaccurate and misleading” given their members “are not covered by any federal laws or regulations that require them to protect data and notify consumers when it is breached,” NAFCU and six other financial trades told House and Senate leaders Wednesday. “National…
FTC Alleges Debt Brokers Illegally Exposed Personal Information of Tens of Thousands of Consumers on the Internet
Here’s the FTC’s press release on an enforcement action I had noted on this blog when it originally reported by Courthouse News: At the request of the Federal Trade Commission, a federal court has ordered two debt sellers that posted the sensitive personal information of more than 70,000 consumers online to notify the consumers and…
AU: Asylum seeker privacy breach due to copy and paste – OAIC. Okay, but where’s the breach mitigation?
In February, we learned of a horrific privacy breach involving almost 10,000 asylum seekers. This breach is on my personal Top 10 Worst Breaches of 2014 because of the risk of harm to those exposed. A detention file created by Australia’s Department of Immigration and Border Protection (DIBP) accidentally exposed detainees’ personal details and was subsequently downloaded in about 16…
In: Massive data breach at CIDCO’s website
Yogesh Sadhwani reports: The personal records of about 85,000 applicants to the City and Industrial Development Corporation‘s (CIDCO) housing scheme have inadvertently been made public by the government establishment. Details such as residential address, mobile number, Permanent Account Number (PAN), bank account number, Indian Financial System Code (IFSC) information related to their bank accounts and…
U.S. Postal Service Says It Was Victim of Data Breach (update3)
Laura Stevens reports: The U.S. Postal Service said Monday that its more than 500,000 employees could be affected by a data breach that may have compromised data including names, Social Security numbers and addresses. The Postal Service said its revenue systems — including at post offices and online — weren’t compromised, and credit and debit…