Uber Admits Covering Up 2016 Data Breach, Avoids Prosecution

Data Breach Today

Hackers Stole Sensitive Data for 57 Million Uber Passengers and Drivers. Ride-sharing service Uber has reached an agreement with the U.S. Department of Justice to resolve a criminal investigation into its massive 2016 data breach.

Guilty Plea in 2016 Dyn DDoS Attack

Data Breach Today

Attack Took Down Amazon, PayPal, Spotify, Twitter and Others. One of those responsible for the massive Mirai-based DDoS attack launched in October 2016 that targeted domain name resolver Dyn and knocked Amazon, PayPal, Spotify, Twitter and others offline has pleaded guilty to federal charges



Former Uber CSO Charged With Covering Up 2016 Data Breach

Data Breach Today

Department of Justice has charged former Uber CSO Joseph Sullivan with obstruction of justice for allegedly covering up the 2016 hack of the ride-sharing service, which compromised sensitive data for 57 million Uber passengers and drivers

Final Report: More 2016 Russian Election Hacking Details

Data Breach Today

CISA's Krebs: 2016 US Elections Were Cyber 'Sputnik' Moment

Data Breach Today

Cybersecurity Agency Ranks Election Security and Ransomware as Biggest Threats. The 2016 U.S.

Ransomware Hit a Florida Voting System in 2016

Data Breach Today

County Officials Reveal Details of the Attack. Election officials in Palm Beach County, Florida, revealed this week that its voter registration system was hit by ransomware in the weeks leading up to the 2016 presidential election

Predictions 2016: How’d I Do?

John Battelle's Searchblog

Here’s a short report card for each of my twelve 2016 predictions. #1 – 2016 will be the year that “business on a mission” goes mainstream. Oh, and at the end of this prediction, I ventured that in 2016, we’d see a blockchain based adtech player emerge. I wrote: “In 2016, Medium, LinkedIn, and Facebook will all make strides in helping all publishers succeed.”


InfoGovCon 2016 Promo Video


Check out the new promo video for InfoGovCon 2016! I'm excited to be one of the speakers for this exciting event. You should come! Learn more at: www.InfoGovCon.com.


Report: U.S. Struggled to Counter 2016 Election Interference

Data Breach Today

Senate Intelligence Committee released its third report on Russian interference during the 2016 presidential election, finding that the Obama administration struggled to respond and more needs to be done to avoid disruption this year

2016 InfoGov Expert of the Year Award


See also: My Reflections on the 2016 InfoGovCon. I was honored at the 2016 Information Governance Conference to be named InfoGov Expert of the Year. This award is for "an Information Governance leader who has demonstrated leading expertise in 2016." The 2016 Information Governance Conference was amazing! Thank you so much to all who voted for me this year! Thank you also to Information Coalition and InfoGovCon. This is my second industry award!

ICA Congress 2016: Creating value with digital preservation


The International Council on Archives (ICA) is dedicated to records management and the preservation of the world’s archival heritage. For over 60 years, the ICA has united archival institutions and practitioners across the world to share industry knowledge and expertise. The ICA is a truly international organisation, and this year held their Congress event in Seoul, South Korea.

Speaking at InfoGovCon 2016


I'm very excited to be speaking at this year's InfoGovCon in Providence, RI. The conference is October 11-12. The lineup of speakers is excellent. This is the first year I get to go to InfoGovCon and I have the honor of presenting. Make plans to attend. You won't be disappointed. Learn more about InfoGovCon here.

Global Futures: A look back at ARA 2016


An insightful few days in Archiving & Digital Preservation. Earlier this month the Archives & Records Association (ARA) held their annual members conference in Wembley, London. The event brought together archivists and records managers from across Europe, including many Preservica Users.

Post Brexit, what options are available for a GDPR-light Data Protection Act?

Data Protector

Let’s think the unthinkable. Let’s assume that, post Brexit, the British Government has an opportunity to decide how its data protection legislation should reflect the requirements of an aspiring British economy. And let’s assume that the Minister with responsibility for Data Protection asks for options about trimming back those elements of the General Data Protection Regulation that are unduly burdensome and, in practice, actually do very little to safeguard fundamental human rights.


My 7 top security publications from the ICO

Data Protector

Encryption (Mar 2016): This 35-page guide highlights, through a range of practical scenarios, when different encryption strategies can help provide a greater level of protection. A practical guide to IT security (Jan 2016). Given what can only be described as an omnishambles of security breaches, is there much more that the ICO can do to warn data controllers of the risks they should take account of? Probably not.

My (somewhat unreliable) data protection predictions for 2017

Data Protector

I’ve recently had a quiet year on the blogging front – my professional duties have prevented me from playing a more active role on the Internet during this year than I would have liked, but that is set to change in 2017.


Apollo – they can’t still be up to their old tricks?

Data Protector

Two years ago I blogged about an unsettling experience I had with Apollo, a firm that had confused me as to what they were really all about. Since then, I’ve had a number of emails from people who have had similar experiences. Today, I’m reprinting (most of) the most recent one – which comments about an organisation called Apollo-Transitions. Surely, this is not the same company as the Apollo company I had encountered?


Russia Targeted All 50 States During 2016 Election: Report

Data Breach Today

Senate Intelligence Committee Report Finds Extensive Interference. A report from the U.S. Senate Intelligence Committee finds that Russia targeted election systems and infrastructure in all 50 states during the run-up to the 2016 Presidential elections. The committee, however, could find no evidence that vote tallies were altered

Google Capitulates to Facebook’s Identity Machine: Is This Good News For The Open Web?

John Battelle's Searchblog

Long time readers of this site know that once a year I make predictions, and revisit those I made the year before. But it’s not often I look back farther than one year to see if perhaps I was just a tad too early. It appears in the case of Google and personal data, I was.

Reflections on the 2016 AIIM Conference


I loved being an attendee, I enjoyed speaking, and I was honored to receive the 2016 AIIM Leadership Award for Social Buzz. Read my full reflections on LinkedIn Pulse: Reflections on the 2016 AIIM Conference. AIIM16 in New Orleans is over, and I must say it was a fantastic experience.


Friends, Feedback and the Future of Digital Preservation: Preservica Global User Group 2016


The 2016 User Group was a brilliant learning opportunity, and much enjoyed by all who attended. Last week I had the pleasure of taking part in our Global User Group Meeting and spending time with over fifty Preservica Users in Oxford – our biggest event to date! Having studied and lived in Oxford for many years, it’s easy to take for granted the beautiful surroundings that the city has to offer.

Scrutinizing the draft Investigatory Powers Bill

Data Protector

Is there really sufficient time to consider other elements – such as overhauling the bulk data and equipment interference provisions in 2016? Looking at the 2016 Parliamentary holidays for the House of Commons (the House of Lords will set slightly different dates), the February recess is from today (11 February) until 22 February. The point about pre-legislative scrutiny is that a parliamentary bill gets a good prod before it begins its usual passage through Parliament.

750 days to go before the new data protection rules bite

Data Protector

How often do organisations get 750 days’ notice of new rules that may require them to make huge changes to comply? Well, it’s happened. The European Commission has just announced that the General Data Protection Regulation, a mighty piece of legislation that took over 4 years to negotiate, will come into force on 25 May 2018. What will it mean to most organisations? Potentially, lots.

IAPP Europe Data Protection Congress 2016

Hunton Privacy

Join us at the International Association of Privacy Professionals (“IAPP”) Data Protection Congress in Brussels, November 9-10, 2016. Hunton & Williams privacy professionals will be featured speakers in the following sessions: Addressing Risky Processing Under the GDPR: A Practical Approach. Thursday, November 10, 1:30 p.m.


Telco service provider giant Syniverse had unauthorized access since 2016

Security Affairs

Syniverse service provider discloses a security breach, threat actors have had access to its databases since 2016 and gained some customers’ credentials.

2016 AIIM Leadership Award for Social Buzz


I was honored at the 2016 AIIM Conference to receive the 2016 AIIM Leadership Award for Social Buzz. This award "recognizes individuals whose outstanding leadership within our community goes above and beyond to benefit the advancement of the information management industry and AIIM". I am so thankful for this award—it's my very first industry award! I hope it's the first of several.


A (light hearted and) handy guide to privacy activists for the under 10s

Data Protector

Privacy activists in the olden days. There weren’t many privacy activists in the olden days. This was because there was no Internet, and very few people had heard of the Data Protection Commissioner. As it was expensive to make a telephone call, and texts had not yet been invented, it was quite hard to spread rumours and exchange information with lots of people you didn’t know.

DrupalCon Europe 2016 – Building a Security Framework for Your Websites


Last week I spent a few days in beautiful Dublin, Ireland for DrupalCon Europe 2016. I had the opportunity to present a new presentation in which I try to introduce.

InfoGov 2016: The State of Enterprise Information


The information experts at Optismo and InfoGovCon have published a new report called "Information Governance 2016: The State of Enterprise Information (Part 1)". This important research paints a bleak picture of Information Governance maturity in today's enterprises. I was excited to see one of my responses quoted in this research: InfoGovCon: "Do you believe the term 'Enterprise Content Management' is still helpful or still has meaning?".


memcpy (and friends) with NULL pointers

Imperial Violet

The C standard (ISO/IEC 9899:2011) has a sane-seeming definition of memcpy (section The memcpy function copies n characters from the object pointed to by s2 into the object pointed to by s1. Apart from a prohibition on passing overlapping objects, I think every C programmer understands that.

In praise of. the Investigatory Powers Act 2016

Data Protector

To recap, in 2016 the IPA brought together all the existing covert and overt statutory powers that were then available to enable the UK’s intelligence agencies, police and other investigatory authorities to obtain intelligence and communications data.


Imperial Violet

Security protocols often assume an accurate, local clock (e.g. TLS, Kerberos, DNSSEC and more). It's a widely accepted assumption when designing protocols but, for a lot of people, it just isn't true. We find good evidence that at least 25% of all certificate errors in Chrome are due to a bad local clock. Even when the local clock is being synchronised, it's very likely to be using unauthenticated NTP.

TeamViewer Admits Breach from 2016

Dark Reading

The company says it stopped the attack launched by a Chinese hacking group


European Data Protection Supervisor Publishes Priorities for 2016

Hunton Privacy

On January 7, 2016, the European Data Protection Supervisor (the “EDPS”) published his Priorities for 2016. The EDPS Priorities consists of a cover note listing the strategic priorities of the EDPS in 2016 and a color-coded table listing the European Commission’s proposals that require the EDPS’ attention, per level of priority. Initiatives Related to the European Commission’s Work Programme for 2016.

Privacy Blog Nominated for Best AmLaw Blog of 2016 – Please Vote To Help Us Win!

Hunton Privacy

Hunton & Williams LLP is proud to announce our Privacy & Information Security Law Blog has been nominated in The Expert Institute’s 2016 Best Legal Blog Contest for Best AmLaw Blog of 2016. From all of the editors, lawyers and contributors that make our blog a success, we appreciate your continued support and readership, and ask that you please take a moment to vote for our blog!

The Ashley Madison Breach: Canada-Australia Report of Investigation and Takeaways for all Organizations

Privacy and Cybersecurity Law

On August 23, 2016, the Office of the Privacy Commissioner of Canada (OPC) released its joint report with the Office […].

Cryptographic Agility

Imperial Violet

(These are notes that I wrote up from a talk that I gave at the National Academies Forum on Cyber Resilience. You can tell that it was in Washington, DC because of the “cyber”. I wasn't quite sure how technical to pitch this talk so it's relatively introductory; regular readers probably know all this. This isn't a transcript of what I said, but I try to hit the main points in my notes.) Firstly I'd like to separate extensibility from agility.


IoT's moment of truth -- who can secure the data flows?

Collaboration 2.0

Innovative Internet of Things efforts need the maturity and experience of industrial internet service providers to secure data platforms and drive growth


DHS report – Voting systems in North Carolina county in 2016 were not hacked

Security Affairs

Computer faults that disrupted voting in a North Carolina county in 2016 were not caused by cyber attacks, a federal investigation states. The analysis of laptops used in some Durham County precincts on Election Day in November 2016 showed inaccurate data to poll workers.

Juvenile Pleads Guilty to 2016 DNS Attack

Dark Reading

Mirai botnet was used to target Sony in an attack that took down DynDNS and a number of its notable customers
