fbpx

Download free GDPR compliance checklist!

Category Archives for "Security"

Irish regulator reaches preliminary decision in Twitter privacy probe

Twitter may be the first big technology firm to face a fine by the EU’s lead regulator under the region’s tougher data protection rules after it submitted a preliminary decision in a probe into the social media firm to other member states.

The Twitter ruling relates to a 2019 probe into a bug in its Android app, where some users’ protected tweets were made public. Twitter is the subject of two of the 20 other inquiries the DPC had open into big tech firms at the end of 2019.

The DPC is not commenting on the substance of the preliminary Twitter decision at this point, Deputy Commissioner Graham Doyle told Reuters.

Source: Irish regulator reaches preliminary decision in Twitter privacy probe – EURACTIV.com

Equifax agrees to spend over $30 million to settle claims over 2017 data breach

Equifax has agreed to a proposed class action settlement with financial institutions over its 2017 data breach that affected roughly 147 million people in the U.S.

The company will pay up to $5.5 million for class members and commit to spending at least $25 million on data security measures over a two-year period under the proposed deal, according to the unopposed motion for preliminary approval of the settlement.

Source: IN BRIEF: Equifax agrees to settle financial institutions’ claims over 2017 data breach – Reuters

Hacker Selling 80,000 Users’ Data Stolen From Cryptocurrency Wallets

A hacker who was behind the cyber attack on Ethereum.org is now selling data tied to key cryptocurrency wallets like Keepkey, Trezor, Ledger and online investment platform Bnktothefuture. The hacker has three large databases with information pertaining to at least 80,000 customers. This includes the customer’s email address, name, phone number, residential address and other data.

“The hacker doesn’t seem to have any passwords, but is offering detailed information that was stolen from an alleged Shopify breach like email addresses, home addresses, and phone numbers,” reports Bitcoin News.

Source: Hacker Selling 80,000 Users’ Data Stolen From Cryptocurrency Wallets

Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents

A leading UK software company exposed personal information and legal documents belonging to over 190 law firms through a data leak from an unsecured online database.

The information exposed by the data breach included details belonging to the staff of the law firms. The information uncovered in the data leak could be deemed sensitive or special and included details such as hashed passwords, legal documents, passport numbers, mother’s maiden name, and eye colors. The law firms affected had both their “primary” and “form” data leaked.

Source: Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents – CPO Magazine

Hacker leaks 40 million user records from popular Wishbone app

A hacker has put up for sale the details of 40 million users registered on Wishbone, a popular mobile app that lets users compare two items in a simple voting poll. Later Wishbone user database has leaked in full, being offered as a free download on one of the hacking forums it was being sold on.

A well-known hacker known as ShinyHunters has taken credit for hacking the company. According to the seller’s claims and a sample of the data published online, the Wishbone data includes user information such as usernames, emails, phone numbers, city/state/country, but also hashed passwords.

Source: Hacker leaks 40 million user records from popular Wishbone app | ZDNet

REvil Ransomware found buyer for Trump data, now targeting Madonna

REvil ransomware group claims to have buyers ready for documents containing damaging information about US‌ President Donald Trump and is preparing to auction data on international celebrity Madonna.

The hackers breached the network of Grubman Shire Meiselas & Sacks (GSMLaw), a law firm representing a huge number of A-list celebrities, stealing everything they considered of value before encrypting the data.

Source: REvil Ransomware found buyer for Trump data, now targeting Madonna

FBI cracks alleged al-Qaida shooter’s iPhone without Apple’s help

U.S. authorities have reportedly broken through the encryption on one of the iPhones belonging to a mass shooter without the help of Apple who refused to create a backdoor saying it violated privacy rights.

FBI defeated the password on the iPhone belonging to Mohammed Saeed Alshamrani, a Saudi military trainee who went on a mass shooting at a Naval Air Station in Pensacola, Florida last December killing four and injuring eight.

Source: FBI cracks alleged al-Qaida shooter’s iPhone without Apple’s help | Cult of Mac

EasyJet announces cybersecurity incident affecting 9 million clients

EasyJet announced that it had been “the target of a cybersecurity attack from a highly sophisticated source”.

EasyJet stated that its investigation found that the email addressess and travel details of approximately 9 million customers, as well as the credit card details of 2,208 customers, were accessed. Customers whose travel details were accessed are being advised of protective steps to minimise any risk of potential phishing and unsolicited communications.

Source: Notice of cyber security incident

Germany′s data chief tells ministries WhatsApp is a no-go

Germany’s data privacy chief has told federal bodies not to use WhatsApp, amid concerns that it feeds Facebook with data. Ulrich Kelber said it appeared that the government has failed to establish enough safe services.

The Düsseldorf newspaper Handelsblatt said Kelber, previously a Social Democrat (SPD) federal parliamentarian, was reacting to complaints from citizens about the use of WhatsApp by unnamed federal authorities.

Source: Germany′s data chief tells ministries WhatsApp is a no-go | News | DW | 17.05.2020

Big privacy and data security concerns as India forces coronavirus tracing app on millions

Privacy and legal experts raise red flags as many are forced to download an app one politician calls a “sophisticated surveillance system.”

India’s government is trying to address privacy concerns raised by hackers, activists and political opposition parties over its coronavirus contact tracing app called Aarogya Setu.

But while the government insists the app is an important tool in its fight against coronavirus, it has raised concerns over personal privacy and other issues.

Full article: Big privacy and data security concerns as India forces coronavirus tracing app on millions – CBS News

1 2 3 119
>