Facebook's Leaky Data Bucket: App Stored User Data Online

Data Breach Today

Android App Left User Data Open Without Authentication or TLS/SSL A security consultancy discovered Facebook user data exposed in two different places online without authentication or encryption. The data is now offline.

Does the Colorado Data Privacy Law Affect You?

InfoGoTo

When a strengthened Colorado data privacy law took effect on September 1, 2018, the state joined others (including California and Massachusetts) in becoming more proactive on data protection by passing laws aimed at safeguarding consumer data.

Is It Time for a Federal U.S. Data Protection Law?

InfoGoTo

The Case for a Federal Data Protection Law. Now, depending on your location and industry, you may have to navigate the requirements of GDPR , other countries’ data protection laws and U.S. Some may not want to limit access to data for that reason.

IT 84

Airbus data breach exposes some employees’data

Security Affairs

The European airplane manufacturer Airbus announced to have suffered a data breach that exposed some employees’ data. and to mitigate the potential impact of the data breach. SecurityAffairs – hacking, data breach).

HIV Data Exposed Online

Data Breach Today

The incident illustrates the importance of safeguarding sensitive health data, such as by implementing behavioral analytics

Marriott: Data on 500 Million Guests Stolen in 4-Year Breach

Krebs on Security

Hospitality giant Marriott today disclosed a massive data breach exposing the personal and financial information on as many as a half billion customers who made reservations at any of its Starwood properties over the past four years. Data Breaches Marriott Data breach Starwood breach

Data 256

Data Breach Reports in Europe Under GDPR Exceed 59,000

Data Breach Today

Netherlands, Germany and UK Have Logged the Most Data Breach Reports Since the EU's GDPR went into full effect, European data protection authorities have received over 59,000 data breach reports, with the Netherlands, Germany and the U.K.

USPS Site Exposed Data on 60 Million Users

Krebs on Security

Many of the API’s features accepted “wildcard” search parameters, meaning they could be made to return all records for a given data set without the need to search for specific terms.

Data 268

Jared, Kay Jewelers Parent Fixes Data Leak

Krebs on Security

” Concerned that his own information was similarly exposed, Sheehy contacted Jared parent company Signet Jewelers and asked them to fix the data exposure. But Lancaster said Signet neglected to remedy the data exposure for all past orders until contacted by KrebsOnSecurity.

Data 191

7 Best Practices for Data Destruction

InfoGoTo

Data destruction involves much more than hitting the “delete” key on a computer or moving data to a trash folder and emptying it. Organizations need to follow best practices in their data destruction and disposition to protect themselves and their customers.

German Antitrust Office Restricts Facebook Data Processing

Data Breach Today

Data 172

Ireland's Privacy Watchdog Probes Facebook Data Breaches

Data Breach Today

Million Users' Private Photos Exposed, Triggering GDPR Investigation Ireland's privacy watchdog is probing data breaches at Facebook that exposed users' private data.

GDPR: EU Sees More Data Breach Reports, Privacy Complaints

Data Breach Today

Ireland, France, Germany and UK Report Increases Since Privacy Law Took Effect The number of data breach reports filed since the EU General Data Protection Regulation went into effect has hit nearly 3,500 in Ireland, over 4,600 in Germany, 6,000 in France and 8,000 in the U.K.

Fewer Breaches in 2018, But More Sensitive Data Spilled

Data Breach Today

data breaches - involving the likes of Facebook, Marriott and Exactis - that exposed 447 million sensitive records, such as Social Security numbers, medical diagnoses and payment card data

Health Data Breach Tally: What's New?

Data Breach Today

China’s Data Protection Laws Go Further Than GDPR

InfoGoTo

Though much of the news concerning China and data protection in recent months has featured Chinese threat actors, the country’s citizens are often targets, too. China’s data protection laws have been presented as a response to the data security threats facing the nation. They join China’s existing Cyber Security Law, which went into effect in June 2017, helping to bring its previous data protection regulations into the 21st century.

Happy Data Privacy Day: City Planning Now Mines Everyone’s Data All the Time

Adam Levin

Sidewalk Labs, a subsidiary of Google’s parent company Alphabet, is the go-to story for Data Privacy Day with its new “user-friendly” tool called Replica, which allows city planners see “how, when, and where people travel in urban areas.”.

Mining 103

Fresh GandCrab Decryptor Frees Data for Free

Data Breach Today

Crypto-Locking Ransomware Cracked Thanks to Gang's Shoddy Code Quality Good news for anyone whose data has been crypto-locked by attackers wielding GandCrab, the year's most aggressive strain of ransomware: You may be able to get your data back, thanks to a free decryptor

'Data & Leads' Site Disappears After Data Exposure Alert

Data Breach Today

Data Aggregator Exposed 44.3 million individuals' personal details found in unsecured instances of Elasticsearch, which appear to have been left online by Data & Leads, a Toronto-based data aggregation firm Million Individuals' Details via Unsecured Servers Another day, another "Have I Been Pwned" alert, this time involving 44.3

Data 140

SBI Investigates Reported Massive Data Leak

Data Breach Today

Report: India's Largest Bank Had Database That Lacked Password Protection The State Bank of India, the nation's largest bank, is investigating an apparent data leak that reportedly exposed information on millions of its customers.

2018 Health Data Breach Tally: An Analysis

Data Breach Today

Hacking Incidents Still Dominate, But Fewer Huge Incidents Than in Years Past Major health data breaches added to the official federal tally in 2018 impacted more than twice as many individuals as the incidents added to the list 2017.

Radisson Suffers Global Loyalty Program Data Breach

Data Breach Today

Hotel Giant Has Yet to Disclose Total Number of Affected Victims Radisson Hotel Group has suffered a data breach that resulted in the theft of data for its global loyalty program members. The company, which operates 1,400 hotels, says the breach touched data for "less than 10 percent" of all Radisson Rewards members, but it hasn't released a victim count

Ransomware Attacks: The Data Integrity Issues

Data Breach Today

Healthcare Incident Points to Possible 'Altered' Patient Data Data integrity issues can arise in the wake of a ransomware attack. Case in point: A California podiatrist practice hit by ransomware reports that patient files were possibly "altered" or "corrupted."

NASA Announces Data Breach

Adam Levin

The US National Aeronautics and Space Administration has announced that it experienced a data breach in October. The post NASA Announces Data Breach appeared first on Adam Levin. Data Security Government Data breach featured NASA

Responsibility of Data Architecture in Data Governance

Perficient Data & Analytics

The data architecture capability will supply the components and standards necessary to implement other capabilities coherently and enable them to work together. An enterprise data model provides a common, well-understood classification of data.

A data inventory is key to maintaining data privacy compliance

Information Management Resources

Building an effective compliance program based on a comprehensive inventory helps an organization meet GDPR requirements and provides a clear vision for ethical data handling that drives value. Data privacy Data management Data privacy rules Data discovery Data strategy

GDPR 86

GDPR: 8,000 Data Breach Reports Filed So Far in UK

Data Breach Today

s privacy watchdog says that six months after enforcement of the EU's General Data Protection Regulation began, it's seen a dramatic increase in data breach reports - as well as privacy complaints from the public

Yahoo's Proposed Data Breach Lawsuit Settlement: Rejected

Data Breach Today

Health Data Security: The Most Promising Technologies

Data Breach Today

Analytics, artificial intelligence and machine learning are increasingly playing promising roles in healthcare data security, say Ron Mehring, CISO at Texas Health Resources, a large delivery system, and Axel Wirth of Symantec, a technology vendor.

Blur data leak potentially exposed data of 2.4 Million users

Security Affairs

A misconfigured AWS S3 bucket is the root cause of a data leak that impacted 2.4 Last week Abine disclosed a data leak that potentially exposed personal information of Blur users. Leaked data included email addresses, password hashes ( bcrypt hashes with a unique salt for each user), IP addresses and, in some cases, first and last names and password hints. Abine discoverd the data leak on December 13. million users were impacted by the data leak.

Airbus Hacked: Aircraft Giant Discloses Data Breach

Data Breach Today

Investigation Underway After Attack Compromises Employee Details Airbus says it suffered a hack attack, leading to a breach of "contact and IT identification details" for at least some of its EU employees.

“Collection #1” Data Breach Analysis – Part 2

Security Affairs

The cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on data The cyber security expert Marco Ramilli continues its analysis of the data leak known as Collection #1, he shared some interesting views on data.

“Collection #1” Data Breach Analysis – Part 1

Security Affairs

Cybersecurity expert Marco Ramilli has analyzed the huge trove of data, called Collection #1, that was first disclosed by Troy Hunt. Few weeks ago I wrote about “ How Data Breaches Happen “, where I shared some public available “pasties” within apparently (not tested) SQLi vulnerable websites.

Hackers Leak Hundreds of German Politicians' Personal Data

Data Breach Today

Data analytics in internal audit: State of the data, 2019

Information Management Resources

Data analytics has taken a long time to take root within Internal Audit. Analytics Data management Data securityWith the seeds long planted, the garden is finally burgeoning forth.

Misconfigured Server Exposes Patient Data

Data Breach Today

Security Researcher Discovers Apparent Breach at Medical Practice A medical practice's misconfigured database server that allegedly exposed information about thousands of patients plus staff serves as another reminder about the importance of safeguarding sensitive data from exposure on the internet

Data 197

Who are you, citizen data scientist?

Information Management Resources

The simplest definition of a citizen data scientist is: non-data scientist. It just means that citizen data scientists nobly desire to do data science but are not formally schooled in all the ins and outs of the data science life cycle. Data science Data Scientist Data management

The Critical Importance of Data Integrity

Data Breach Today

Microsoft's Diana Kelley on How to Keep Data Untampered Altered data can be just as damaging as lost or stolen data. Diana Kelley of Microsoft outlines key steps for how enterprises can improve how they maintain data integrity

How To 123

Data-Centric Security and Big Data

Thales Data Security

As Cybersecurity continues to be heavily focused on solving the problem of attacks against software vulnerabilities and system access, one potential silver bullet in the data breach equation remains out of the limelight. The Big Data Conundrum. Data security

What organizations can do to mitigate threats to data management

Information Management Resources

Without effective data management capabilities an organization will have difficulty understanding and maximizing the use of its data assets. Data security Data management Cyber security

IT 76