Cross-posted PHIprivacy.net: When Michael Ramirez recently used RiteAid’s mobile app to check on a prescription, he never expected to be able to access other customers’ names, addresses, and prescription records. But he was able to, and now Ramirez, a computer scientist working for the Navy’s Space and Naval Warfare Systems Command in Charleston, is going…
Category: Of Note
IEEE leaks 100,000 members’ usernames and plain-text passwords (update3)
Seen on Slashdot, Radu Dragusin writes: IEEE suffered a data breach which I discovered on September 18. For a few days I was uncertain what to do with the information and the data. Yesterday I let them know, and they fixed (at least partially) the problem. The usernames and passwords kept in plaintext were publicly…
The Apple UDIDs were stolen from us – BlueToad
Kerry Sanders and Bob Sullivan report that Florida publishing firm BlueToad has stated that the database of Apple UDID’s stolen by AntiSec came from its servers. According to Sullivan: Blue Toad is a little-known privately held company, but its technology touches millions of users around the world. It provides private-label digital edition and app-building services…
Emobile, Meteor plead guilty to data legislation breaches
RTÉ reports: Two telecoms companies have pleaded guilty to multiple breaches of data protection legislation at the Dublin District Court and have been ordered to pay a total of €30,000 to two charities. The charges follow the theft of two unencrypted laptops, containing personal and financial information of customers, from the office of Eircom Ltd…
Texas Data Breach Amendment Takes Effect; Connecticut On Deck
Steve Satterfield writes: This week, the much talked-about amendments to Texas’s breach notice statute took effect. Wepreviously blogged about these amendments, which are unprecedented in scope. With the amendments, the Texas statute now requires entities doing business in Texas to notify “any individual” whose “sensitive personal information” is acquired in a breach (unless the information is encrypted). The statute makes…
Wyndham files motion to dismiss FTC privacy suit
Stephen E Wieker and Liisa M. Thomas write: In a strongly-worded motion filed in federal district court in Arizona, Wyndham Hotels & Resorts LLC recently asked the court to dismiss all charges filed by the Federal Trade Commission alleging Wyndham engaged in unfair and deceptive privacy practices. As we reported in June, according to the FTC, these practices…