The FTC has charged two businesses [complaint 1 | complaint 2] with illegally exposing the sensitive personal information of thousands of consumers by allowing peer to peer file-sharing software to be installed on their corporate computer systems. Settlements with the debt collection business and auto dealer will bar misrepresentations about their privacy, security, confidentiality, and integrity of…
Category: Of Note
Millions of LinkedIn passwords posted online; company’s response criticized
The online professional networking website LinkedIn has confirmed that “some” of its users’ passwords were stolen when it was hacked today, but the person responsible says it’s almost 6.5 million. In a blog post earlier this morning, the LinkedIn team posted: “We can confirm that some of the passwords that were compromised correspond to LinkedIn…
Last.fm and eHarmony passwords stolen (updated)
The Last.fm music site and the eHarmony dating service said some user passwords were stolen, a day after another online company, LinkedIn, confirmed a security breach. “We are currently investigating the leak of some Last.fm user passwords,” the London-based company, which recommends music to listeners, said today on its website. “As a precautionary measure, we’re…
AU: Privacy Commissioner finds Act breached by super fund
ABC (AU) reports an update on a situation previously mentioned on this blog where simple url manipulation exposed information: A superannuation company that allowed the private details of its customers to be leaked online has been found to have breached the Privacy Act. In September last year, a flaw was discovered in First State Super’s computer systems,…
Congress critical of TRICARE’s response; requests detailed answers while criticizing TRICARE and SAIC
Cross-posted from phiprivacy.net: At least some members of Congress are not happy with the response to a letter they sent TRICARE following the theft of backup tapes from the unattended vehicle of an employee of their contractor, SAIC. The tapes contained information on approximately 5 million military beneficiaries and their dependents. Although TRICARE’s response was not disclosed publicly, Rep. Ed…
NHS Trust fined £325,000 following data breach; Trust “frankly surprised” at fine and intends to appeal
Back in January, I noted that the ICO was preparing to levy a huge fine on Brighton and Sussex University Hospitals NHS Trust after hard drives with patient data were stolen and put up for sale on eBay. We later learned that the thief was an employee of a contractor. The possibility of the fine was revealed by the…