Ah, kudos to Patrick Ouellette of HealthITSecurity.com, who dug into recent reports of a Medtronic breach more deeply than I did. While most media reiterated Medtronic’s claims that no patient data was involved, Patrick reports: Though medical device maker Medtronic revealed that hackers had entered network on two separate occasions last year in its Securities and…
High school computer whiz, 16, criminally charged with hacking grades: A+ for effort?
John Luciew reports: One thing is clear, the 16-year-old sophomore at the center of an alleged grade and attendance-record hacking case in Orange, N.J., apparently has some mad computer skills and plenty of smarts for executing elaborate plans. If only the student would apply those academic assets to his or her school work, then perhaps…
Shielding grisly scenes because there's no expectation of privacy in public spaces
Back in the day when I was an active emergency medical technician (EMT), we really didn’t have to deal with gawkers who might try to take pictures to upload to the Internet of horrific accidents that happened in public spaces. And if someone tried to poke their nose in to the accident scene, an authoritative “back…
UK: Aspers (Milton Keynes) breach results in undertaking
The Information Commissioner’s Office announced that Aspers (gaming operator for Milton Keynes casino) has signed an undertaking after violating the Data Protection Act. The undertaking explains that an employee, trying to e-mail personnel data for a new office to central payroll, accidentally emailed the personal data of 219 employees to an external – and incorrect…
Encrypted Web traffic can reveal highly sensitive information
Jeremy Kirk reports: Analyzing encrypted Web traffic can potentially reveal highly sensitive information such as medical conditions and sexual orientation, according to a research paper that forecasts how privacy on the Internet may erode. In a paper titled “I Know Why You Went to the Clinic,” researchers show that by observing encrypted Web traffic and identifying patterns,…
NJ district court certifies two issues for interlocutory appeal in FTC v. Wyndham
In April, Judge Esther Salas denied Wyndham’s motion to dismiss the FTC’s complaint stemming from what the FTC alleges were unreasonable data security practices that put consumers at risk of harm. The FTC’s complaint was brought under Section 5 of the FTC Act, and Wyndham had challenged their authority to enforce data security as well as their…