Odia Kagan of Fox Rothschild writes: The Office of the Privacy Commissioner for Bermuda has issued a helpful guide on the various types of harm that could be caused by a data breach. The office also referred to the Future of Privacy Forum research on potential harms. Read more here, In their guidance, the Bermuda privacy…
T-Mobile, customers diverge on forum to transfer data breach suits
Shannon Stapleton reports: T-Mobile US Inc is supporting a plaintiffs’ bid to centralize in one federal district court almost 30 lawsuits filed by customers over a recent massive data breach, but suggested a different venue due to a “dire” judge shortage. T-Mobile’s filing on Tuesday came in response to the motion filed last month by plaintiffs in one lawsuit…
Exposed Payment Integration API Keys Imperil Millions of Users’ Transaction Details and PII
Arshit Jain and Sai Ahladini Tripathy report some findings concerning the risk of unauthorized access to API keys enabling acquisition of sensitive or critical data. A recent investigation by CloudSEK found that a range of companies have mobile apps with API keys that are hardcoded in the app packages. “These keys could be easily discovered…
Are “corrupt my file” sites safe? Here’s why to avoid corrupt-a-file services
Am I the last one to know about “corrupt my file” sites? Joshua Long reports that apart from file corruption that occurs accidentally in our lives or in some cases intentionally by malware, there are sites that will intentionally corrupt a file for you. While that may seem entirely counterproductive, corrupt-a-file sites make claims such…
Customer Care Giant TTEC Hit By Ransomware
Brian Krebs reports: TTEC, a company used by some of the world’s largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident that appears to be the result of a ransomware attack, KrebsOnSecurity has learned. […] On Sept. 14, KrebsOnSecurity heard from a…
FTC Warns Health Apps and Connected Device Companies to Comply With Health Breach Notification Rule
The Federal Trade Commission today issued a policy statement affirming that health apps and connected devices that collect or use consumers’ health information must comply with the Health Breach Notification Rule, which requires that they notify consumers and others when their health data is breached. In a policy statement adopted during an open meeting, the Commission noted…