fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " data breach "

4 Dating Apps Pinpoint Users’ Precise Locations – and Leak the Data

Grindr, Romeo, Recon and 3fun were found to expose users’ exact locations, just by knowing a user name. Four popular dating apps that together can claim 10 million users have been found to leak precise locations of their members.

“By simply knowing a person’s username we can track them from home, to work,” explained Alex Lomas, researcher at Pen Test Partners, in a blog on Sunday. “We can find out where they socialize and hang out. And in near real-time.”

Source: 4 Dating Apps Pinpoint Users’ Precise Locations – and Leak the Data | Threatpost

DSAR test reveals huge data breach potential

A phoney data subject access request (DSAR) made by a woman’s partner to companies in the UK and the US prompted a return of personal data from 25% of the firms contacted.

The security specialist making the request leveraged the terms of the GDPR to make his claim. He got in touch with dozens of companies on both sides of the Atlantic, stating in each case that he wanted information held on his fiancée. One of the data returns held his fiancée’s criminal record check.

Source: DSAR test reveals huge data breach potential

Data Breaches Show it’s Time to Rethink Use of Social Security Numbers

The Social Security number — created in 1936 to track Americans’ social benefits — was never meant to be a form of identity verification. But that line disappeared in the mid-1970s, and the single identifier proved convenient when it came time for the U.S. to handle information using computers.

But we shouldn’t be using an unchangeable nine-digit code for verification. It’s a little like having a Facebook password that we can’t change even if we know somebody else has it.

Full article: Data Breaches Show it’s Time to Rethink Social Security Numbers | Time.com

Equifax Agrees to Pay Up to $700 Million to Resolve 2017 Breach

On July 22, 2019, the Federal Trade Commission announced that Equifax Inc. agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement agreement with the FTC, the Consumer Financial Protection Bureau, and 50 U.S. states and territories to resolve investigations into the colossal data breach the company suffered in 2017.

Source: Equifax Agrees to Pay Up to $700 Million to Resolve 2017 Breach, the Largest Data Breach Settlement in U.S. History

Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’

Hackers successfully targeted Russia’s state security agency last week through a major contractor, stealing and publishing details 7.5 terabytes of secret internet projects including social media scraping and Tor de-anonymization.

FSB is Russia’s primary security agency with parallels with the FBI and MI5, but its remit stretches beyond domestic intelligence to include electronic surveillance overseas and significant intelligence-gathering oversight.

Source: Russia’s Secret Intelligence Agency Hacked: ‘Largest Data Breach In Its History’

Former motor industry worker ordered to pay £25,500 from proceeds of data theft

A motor industry employee who was sentenced to six months in prison in November 2018 for accessing personal data without permission, has been ordered to pay a £25,500 confiscation order in a case brought by the Information Commissioner’s Office (ICO).

Source: Former motor industry worker ordered to pay £25,500 from proceeds of data theft | ICO

Whistleblower data breach reports almost triple after GDPR crackdown

Whistleblower reports over data breaches have almost tripled over the past year since the introduction of GDPR.

Reports from whistleblowers over data protection surged by 175% to 379 in the year to May 2019, from 138 a year earlier, according to research from City law firm RPC.

The firm said that the introduction GDPR in May 2018 has made people more vigilant over the handling of personal data, increasing the number of reports to the Information Commissioner’s Office (ICO).

Source: Whistleblower data breach reports almost triple after GDPR crackdown

Google is investigating the source of voice data leak

Google  has responded to a report this week from Belgian public broadcaster VRT NWS, which revealed that contractors were given access to Google Assistant voice recordings, including those which contained sensitive information — like addresses, conversations between parents and children, business calls and others containing all sorts of private information.

As a result of the report, Google says it’s now preparing to investigate and take action against the contractor who leaked this information to the news outlet.

The leaker had listened to more than 1,000 recordings, and found 153 were accidental in nature — meaning, it was clear the user hadn’t intended to ask for Google’s help.

Source: Google is investigating the source of voice data leak, plans to update its privacy policies | TechCrunch

ICO intends to fine Marriott International, Inc more than £99m for data breach

Marriott International has received a notification from the Information Commissioner’s Office (ICO) of its intention to fine the company £99,200,396.

In November 2018, Marriott had disclosed that their Starwood reservation database had been compromised between 2014 and 2018. The breach resulted in approximately 339 million guest records globally being exposed.

Source: ICO intends to fine Marriott International, Inc more than £99m for data breach

1 2 3 33
>