Zack Whittaker reports: Chinese tech giant Huawei has asked some of the world’s best phone hackers to a secret meeting in Munich later this month as the company tries to curry favor with global governments, TechCrunch has learned. Sources with knowledge of the November 16 meeting said Huawei will privately present its new bug bounty…
California DMV finds data breach exposed Social Security information for around 3,200 people
Joseph Luiz reports: The California Department of Motor Vehicles has announced that federal agencies were accidentally given access to Social Security information for about 3,200 people. The department said in a statement that it discovered in August that for at least the past four years, the information was accidentally accessible to seven government entities, including…
Facebook Claims It Unknowingly Shared Private Group Data With Partners
Kurt Wagner reports: Facebook Inc. said it unknowingly gave outside developers access to private user information shared within some groups on its main social network, including the names and profile photos of people who were part of those groups. The company disclosed the issue Tuesday, saying that for the past 18 months some third-party developers…
Failure to Encrypt Mobile Devices Leads to $3 Million HIPAA Settlement
From HHS OCR: The University of Rochester Medical Center (URMC) has agreed to pay $3 million to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules….
ME: InterMed, P.A. notifying patients after 4 employees fall for phishing attack
Notice posted on InterMed, P.A.’s web site, Nov. 4: On September 6, 2019, we learned that an unauthorized individual gained access to an employee’s email account between September 4 and September 6, 2019. We immediately took steps to secure the account, began an internal investigation, and engaged a leading national computer forensic firm to conduct an…
Now available: Catalan Information Security Center produces reports in English for the 2019 Barcelona Congress
CESICAT (Information Security Center of Catalonia) contacted me this week to share some news and to ask me to share it with my readers and followers on Twitter. I am delighted to. CESICAT is a public organization committed to protecting cybersecurity of the public sector in Catalonia. Next year they will become the Cybersecurity Agency…