DC amends data breach notification law

(Apr 6, 2020) A bill amending Washington, D.C.'s data breach notification law went into effect March 26, according to Hunton Andrews Kurth's Privacy & Information Security Law Blog. The bill revises the definition of personal information and establishes a harm threshold for a breach notification. It also requires identity theft prevention services to be offered for certain data breaches, as well as data security requirements for organizations that own and maintain residents' data.Full Story... Read More

Class-action brought against Marriott over latest breach

(Apr 3, 2020) Marriott has been hit with a class-action lawsuit a day after revealing a data breach involving more than 5 million customers, Law.com reports. Filed with the U.S. District Court for the District of Maryland, the lawsuit alleges Marriott failed to implement appropriate measures to protect its customers' data. "The fact that this breach comes less than two years after the first one we know about is damning, and they must be held accountable," the plaintiffs' attorney said in a statement.Full Stor... Read More

Researchers: Data leak exposes card details

(Apr 3, 2020) Researchers discovered 44 million images of card details uploaded by users to the Key Ring app were exposed online, Finextra reports. Meanwhile, hacking forum OGUsers reported a data breach affecting details of more than 200,000 users; Twitter reported a vulnerability regarding Mozilla Firefox users’ data, and an SOS Online Backup database containing approximately 135 million customer records was breached.  Full Story... Read More

Data leak exposes 337K Maltese voters' records

(Apr 2, 2020) A database containing personal information of 337,384 Maltese voters has been exposed online, Times Malta reports. Exposed data included names, addresses, ID card information and phone numbers. The database, reportedly exposed by a Maltese IT company without a password or other authentication, has been secured. Deputy Data Protection Commissioner Ian Deguara said an investigation would be conducted “to establish all the facts surrounding this security incident.”Full Story... Read More

Australian court website breach exposes hundreds of asylum seekers

(Apr 2, 2020) The Federal Court of Australia acknowledged a data breach involving the names of at least 400 asylum seekers, ABC News reports. The court's searchable database exposed the real names of protection visa applicants. Following notice about the breach, the court disabled the database after years of open access. A court spokesperson said the breach was a "major systemic failure."Full Story... Read More

This service monitors data as people work from home

(Apr 2, 2020) Nearly every aspect of life has been upended by the COVID-19 pandemic. For many, homes serve many functions. They are now a place of residence, a school, a daycare and also an office. Employees will likely be working from home for the foreseeable future, and employers have rushed to make sure their staff is ready to continue operations. Spirion CEO Kevin Coppins doesn't want companies to rest easy once everything is up and running. Workers will still be handling sensitive information that needs... Read More

App breach exposes sensitive voter data

(Apr 2, 2020) Sensitive data belonging to U.S. voters was exposed online due to a data breach of voter contact app Campaign Sidekick used by the Republican party in election campaigns, InfoSecurity Magazine reports. Cybersecurity company UpGuard found an unprotected copy of the app’s code was available on its website Feb. 12. The breach was secured Feb. 15. Downloaded files contained some sensitive data.Full Story... Read More

Health data breaches more than double in recent weeks

(Mar 31, 2020) The U.S. Department of Health and Human Services’ Health Insurance Portability and Accountability Act Breach Reporting Tool shows 105 breaches affecting more than 2.5 million people have been reported in 2020, GovInfoSecurity reports. This increased from 38 incidents impacting 1.1 million individuals reported as of February. Consulting firm tw-Security President Tom Walsh predicts breaches will continue to rise as the COVID-19 pandemic continues. Meanwhile, security researchers say tens of milli... Read More

Marriott discovers new data breach

(Mar 31, 2020) Marriott International announced it has experienced another data breach. The hotel chain said it discovered information was accessed using the login credentials of two employees. Marriott detected the intrusion in February; however, it said the activity started in mid-January. Compromised data may have included customers' contact details, loyalty account information and additional personal data, such as birthdates and gender.Full Story... Read More

Country of Georgia’s voting records published online

(Mar 30, 2020) Voting records of more than 4.9 million people in the country of Georgia were published in a hacking forum, ZDNet reports. The data included names, addresses, birthdates, ID numbers and mobile phone numbers from an unknown source. Meanwhile, Virgin Media could be liable to pay 4.5 billion GBP in compensation following a data breach that exposed 900,000 customers’ personal details, and Hawaii Pacific Health discovered an employee viewed 3,772 patients’ medical records over a five-year period.Full... Read More