Alessandra Malito reports: Potential security risk concerns over Finra’s highly-debated Comprehensive Automated Risk Data System proposal, or CARDS, are not simply hot air, cybersecurity and big data experts say. The initiative by the Financial Industry Regulatory Authority Inc., which was recently put on hold for further evaluation amid negative feedback, was proposed as a means of…
Category: U.S.
Potential class action lawsuit against eBay dismissed
It was a good day for eBay in a federal court in Louisiana. Judge Susie Morgan dismissed, without prejudice, a potential class action lawsuit that had filed in July 2014 by Collin Green against eBay over the data breach they had disclosed in 2014. At the time, eBay said it had no evidence that payment…
Supreme Court to Examine Standing Under FCRA
Jason C. Gavejian and B. Tyler Philippi write: The U.S. Supreme Court recently decided to hear a case brought under the Fair Credit Reporting Act (“FCRA”) to determine whether individual consumers have standing to sue a consumer reporting agency for statutory violations of the FCRA when no “actual damages” were suffered by the consumer. The FCRA, like other privacy laws,…
Sally Beauty Holdings, Inc. Statement
Sally Beauty has issued the following statement. Their name may seem familiar to you because this site reported on an earlier breach last year. Sally Beauty Holdings, Inc. is currently investigating reports of unusual activity involving payment cards used at some of our U.S. Sally Beauty stores. Since learning of these reports, we have been working with…
U.S. Senate panel raises privacy concerns in White House hacking incident
Peter Cooney reports: The U.S. Senate Commerce Committee has written President Barack Obama over concerns that a recently reported data breach on the White House computer system might have compromised the personal information of many Americans. “Just like any entity that handles personally-identifiable information, the White House has a responsibility to notify Americans if the…
Security Advisory – PillPack.com Online Pharmacy
Yakov Shafranovich found a vulnerability that exposed patients’ prescription histories to others as long as the other(s) had their full name and date of birth: During the signup process, PillPack.com prompts users for their identifying information. In the end of the signup rocess, the user is shown a list of their existing prescriptions in all…