Database May Have Exposed Instagram Personal Data

Data Breach Today

Email Addresses, Phone Numbers for 49 Million People Potentially Exposed There's been a potential leak of personally identifiable information from Instagram, but it's not clear yet whether the data on 49 million users came directly from the social media company.

NAB Apologizes After Breach of Personal Data

Data Breach Today

Australian Bank Says Customer Data Sent to Two Service Providers National Australia Bank says it is contacting 13,000 customers after personal account data was uploaded without authorization to two data service providers.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Pandemics and Personal Data

IG Guru

Jared Walker of Zasio writes a great blog post on Pandemics and Personal Data. The post Pandemics and Personal Data appeared first on IG GURU. Business Education GDPR IG News Information Governance information privacy Privacy Risk News Sponsored COVID-19 Europe Health Information HIPAA Italy Jared Walker Medical Information Pandemic Singapore Zasio

PageUp Breach: Personal Data Exposed

Data Breach Today

HR Software Provider Says Names, Addresses, Emails and Phone Numbers Exposed PageUp, an HR software developer based in Australia, is warning that malware-wielding attackers may have accessed a raft of personal data stored in the company's systems.

Privacy without borders: Reality or Fantasy?

Imagine a world in which every country shared a vision and a common set of principles to protect and regulate the use of personal data. It would make international business far simpler, provide citizens in every country with the same privacy rights.

Brexit Preparation: Get Personal Data Flows in Order

Data Breach Today

teeters on the edge of a "no deal" Brexit, the country's information commissioner has warned businesses to prepare, saying that any organization that handles Europeans' personal data must ensure they have a legal transfer arrangement in place for continuing to do so

Personal Data Left on Used Laptops

Schneier on Security

A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results. computersecurity dataloss dataprotection

Revisit an Employee Personal Data Protection Policy After CCPA

InfoGoTo

As businesses subject to the California Consumer Privacy Act (CCPA) develop and implement policies and procedures to comply with the law, they may want to revisit, or develop an employee personal data protection policy. Why Address an Employee Personal Data Protection Policy Now?

GDPR: How the definition of personal data has changed

IT Governance

On 25 May 2018, the EU’s GDPR (General Data Protection Regulation) superseded the UK’s DPA (Data Protection Act) 1998. With the Regulation expanding the definition of personal data, many organisations were uncertain as to what the new definition includes.

Thailand Personal Data Protection Law

Data Protection Report

The Personal Data Protection Act B.E. The PDPA is under the supervision of the Ministry of Digital Economy and Society and the main supervising authority of the PDPA is the Office of Data Protection Committee ( Office ). Definition of Personal Data. Background.

How Political Campaigns Use Personal Data

Schneier on Security

Data-driven technologies are an inevitable feature of modern political campaigning. All the data-driven methods presented in this guide would not exist without the commercial digital marketing and advertising industry. Really interesting report from Tactical Tech.

Your Personal Data is Already Stolen

Schneier on Security

Reality #2: Any data point you share with a company will in all likelihood eventually be hacked, lost, leaked, stolen or sold ­ usually through no fault of your own.

Baby App “Peekaboo” Leaks Photos, Videos and Personal Data

Adam Levin

The leaked data includes photos, videos, and birthdates of babies, as well as 800,000 email addresses, location data as well as detailed device information. . The leaked data was discovered by Dan Ehrlich of the security consulting firm Twelve Security. Data privacy and security come as our priority. Bithouse has yet to comment on the leak or take the leaked data offline. Data Security Data breach Privacy featured elasticsearch data leak peekaboo

TikTok Bugs Put Users' Videos, Personal Data At Risk

Dark Reading

Researchers found it was possible to spoof SMS messages from TikTok and exploit an API flaw that could grant access to users' personal data

Turkish Personal Data Protection Authority fined Facebook for Photo API bug

Security Affairs

The Turkish Personal Data Protection Authority fined Facebook $270,000 for the Photo API bug that exposed personal photos of 300,000 Turkish users. The Turkish Personal Data Protection Authority (KVKK) has fined Facebook 1.65

Hong Kong’s Reform of the Personal Data (Privacy) Ordinance (the “PDPO”): Bridging Troubled Waters

HL Chronicle of Data Protection

From a global perspective, data protection regulation has moved forward significantly since that time, so a review of the PDPO is timely.

British Airways E-Ticketing Flaw Exposes Passenger Flight, Personal Data

Threatpost

A vulnerability in British Airways' e-ticketing system could enable a bad actor to view passengers' personal data or change their booking information. Hacks Vulnerabilities British Airways British airways data breach Data Privacy Data security e-ticketing flaw Encryption

Android App Publishers Won't Take 'No' for an Answer on Personal Data

Dark Reading

Researchers find more than 1,000 apps in the Google Play store that gather personal data even when the user has denied permission

Thailand’s First Personal Data Protection Law Enters into Effect

Hunton Privacy

On May 27, 2019, Thailand’s Personal Data Protection Act B.E. Although now effective, the main operative provisions concerning personal data protection (including requests for data subjects’ consent; collection/use and disclosure of personal data; rights of data subjects; complaints; civil liabilities and penalties) will not come into force until one year after their publication in the Government Gazette ( i.e. , on May 28, 2020).

FEMA Leaked Personal Data of 2.3 Million Disaster Victims

Adam Levin

The Federal Emergency Management Agency failed to properly protect the personal information of 2.3 A partially redacted memo issued by the Office of the Inspector General of the Department of Homeland Security stated that FEMA released the personally identifiable information of 2.3

Ford Eyes Use of Customers’ Personal Data to Boost Profits

Threatpost

IoT Privacy Data Finance Ford hackett personal data scooter spinFord's CEO sees the tech company model as key to the company's next chapter.

MoviePass Leaves Credit Card Numbers, Personal Data Exposed Online

Dark Reading

Thousands of customers' credit card numbers, MoviePass card numbers, and sensitive data were left in an unprotected database

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

Security Affairs

Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent.

How to write a GDPR-compliant personal data breach notification procedure

IT Governance

An integral part of your EU General Data Protection Regulation (GDPR) compliance project is producing appropriate documentation, which includes a personal data breach notification procedure. What is a personal data breach? Loss of availability of personal data.

Personal data protection in the time of coronavirus (Covid-19)

Data Protection Report

Outbreak of the coronavirus and personal data privacy. There have been several data breach incidents which have given rise to concerns over privacy and potential discrimination against people from Wuhan and Hubei Province. Compliance and risk management data protection

GDPR: What’s the difference between personal data and sensitive data?

IT Governance

Now that the EU GDPR (General Data Protection Regulation) has been in effect for over a year, you’ve likely become acquainted with the term ‘personal data’ But what exactly does personal data mean? What is personal data? Location data.

DoorDash Data Breach Impacts Personal Data of Almost 5M Users

Threatpost

Breach Hacks data breach Data Privacy Data security doordash personal information Security third party providerAccessed information includes delivery addresses, license numbers, names, phone numbers and more.

UNICEF Leaks Personal Data of 8,000 Users via Email Blunder

Threatpost

Privacy Agora email blunder leaky data UNICEFThe organization accidentally sent the names, email addresses, gender and professional information of users of its portal Agora in an email sent in August.

Adult Content Site Exposed Personal Data of 1M Users

Threatpost

The personal email addresses - some indicating user names or government official status - of more than a million pornography website users were exposed. Privacy Web Security adult website security data leak database elasticsearch database exposed data luscious vulnerability

Belgian DPA Publishes Statement Regarding COVID-19 and Workplace-Related Processing of Personal Data

Hunton Privacy

On March 13, 2020, the Belgian Data Protection Authority (the “Belgian DPA”) released a statement regarding workplace-related processing of personal data in the context of the COVID-19 crisis (the “Statement”).

Transferring personal data under the GDPR

IT Governance

When organisations transfer data, they inevitably compromise its security to some degree. There’s not much organisations can do to eliminate data loss, so the problem becomes how to reduce the damage once the data is exposed? Data transfers.

China Emphasizes Protection of Personal Data by Issuing a New Circular

Hunton Privacy

Consent Requirement for Collection of Personal Information. In other words, unauthorized parties cannot collect the personal information of data subjects without their consent for the purposes of prevention and control of epidemics and disease. Disclosure of Personal Information.

Hostinger Data Breach: 14M Customer Passwords, Personal Data at Risk

Threatpost

Breach Hacks 14 million api server breach data breach hashed password hostinger Password websiteHostinger said that unauthorized access to an internal API server exposed hashed passwords of 14 million customers.

Walmart Jewelry Partner Exposes Personal Data Of 1.3M Customers

Threatpost

A Walmart jewelry partners' misconfigured AWS S3 bucket left personal details and contact information of 1.3 Cloud Security Featured Privacy Web Security AWS AWS S3 Bucket data leak Leaky Bucket personal datamillion customers in plain sight.

Evernote Critical Flaw Opened Personal Data of Millions to Attack

Threatpost

Evernote's web clipper extension for Chrome is vulnerable to a critical flaw that could have exposed the data of more than 4.6 million users. Vulnerabilities Web Security chrome browser critical vulnerability cross site scripting attack evernote Evernote extension Proof of Concept

Facebook personal data use and privacy settings ruled illegal by German court

The Guardian Data Protection

Firm to appeal decision by Berlin regional court which upholds complaints that users not given informed consent Facebook’s default privacy settings and use of personal data are against German consumer law, according to a judgement handed down by a Berlin regional court. The court found that Facebook collects and uses personal data without providing enough information to its members for them to render meaningful consent.

European Data Protection Board Releases Statement on Personal Data and COVID-19

Data Matters

On 20 March 2020, the European Data Protection Board (“ EDPB ”) released a statement on the protection of personal data in connection with measures that public authorities and business organizations (including employers) are taking to address the Coronavirus (COVID-19) pandemic. The EDPB statement also provides useful guidance for organisations to consider when adopting measures to lawfully process personal data during this time. Data protection principles.

How to Opt Out of the Sites That Sell Your Personal Data

WIRED Threat Level

It's much harder than it should be to get your name off of data broker and people-search sites, but it's possible. . Security Security / Privacy

Timehop Breach Impacts Personal Data of 21 Million Users

Threatpost

A massive breach has impacted up to 21 million users' personal data and their social media "access tokens.". Cloud Security Hacks Mobile Security access tokens cloud computing breach data breach Facebook Facebook Privacy Multi Factor Authentication personal data social media Timehop

Why Personal Data Privacy Needs a Customer-centric Focus

Collibra

When it comes to personal data privacy, it can be hard to see the forest for the trees. Headlines and social media are dominated by data breaches, resulting in both reputational and financial loss. Data breaches and GDPR impact trust. Data Privacy