RCMP accidentally revealed suicide attempt info to 160 people

(Jul 19, 2019) The Royal Canadian Mounted Police accidentally sent the details of an individual’s suicide attempt to the inboxes of more than 160 people, CBC News reports. According to a copy of a Privacy Act breach report on the incident, the details included the person’s name, data of birth, the details of the suicide attempt, the injuries they suffered and the hospital where they recovered. RCMP Spokesperson Corporal Caroline Duval said the Office of the Privacy Commissioner of Canada has been notified of t... Read More

House of Commons committee hosts emergency meeting on Desjardins breach

(Jul 19, 2019) The House of Commons Public Safety and National Security Committee hosted an emergency meeting on the Desjardins data breach, CTV News reports. The meeting featured officials from federal agencies and departments and representatives from Desjardins who discussed the incidents and potential remedies. Desjardins CEO Guy Cormier said the employee behind the breach was dealt with as soon as the company was aware of the incident and suggests an advisory group be created to consider a new digital data... Read More

Indian MPs call for TikTok ban

(Jul 18, 2019) Four members of Indian Parliament are pushing for video-sharing app TikTok to be banned in the country, the Financial Times reports. The desire to have TikTok removed stems from recent cases of viral fake and hateful content, along with claims of improper data sharing with China. "Under the guise of freedom of speech, people are using apps like TikTok to spread fake news and malicious content. During Zero Hour in parliament, [I] called for the ban of TikTok and similar apps which pose threat to ... Read More

Data breach affects 100M online invitation users

(Jul 18, 2019) More than 100 million Evite users had their data exposed when hackers gained access to its servers, Bleeping Computer reports. Earlier this year, the online invitation site revealed attackers breached its servers and were able to access user information, including personal information, email addresses and, in some case, phone numbers and mailing addresses. The breach was thought to have affected 10 million users; however, data breach monitoring service Have I Been Pwned received a database conta... Read More

Clinical Pathology Laboratories affected by AMCA data breach

(Jul 18, 2019) Clinical Pathology Laboratories says 2.2 million patients may have had their medical information stolen in a data breach of the American Medical Collection Agency, TechCrunch reports. “Another 34,500 patients had their credit card or banking information compromised,” according to the report. In June, Quest Diagnostics, LabCorp and BioReference Laboratories reported more than 20 million patients had been affected by the AMCA data breach. In similar news, the 2019 Thales Data Threat Report — Healt... Read More

Personal information of 1.6M people potentially exposed by Md. government

(Jul 17, 2019) The Washington Post reports the Maryland State Department of Education potentially exposed the personal information of more than 1.4 million students and 200,000 teachers due to improper data storage. An audit of the agency revealed that the names and Social Security numbers of the victims were left unencrypted, which is a violation of Maryland's information security policy. “Appropriate information system security controls need to exist to ensure that this information is safeguarded and not imp... Read More

Millions affected by Bulgaria's largest data breach ever

(Jul 17, 2019) Bulgarian Finance Minister Vladislav Goranov has confirmed that millions of citizens potentially had their financial data stolen by hackers in a recent breach, Reuters reports. A self-proclaimed Russian hacker with access to the stolen data told media outlets that 110 databases that combined to hold the information of nearly 5 million Bulgarians were compromised. “To the best of my knowledge, this is the first publicly known major data breach in Bulgaria,” Bulgarian Academy of Sciences Assistant... Read More

Global Data Breach Notification Law Library

(Jul 16, 2019) This free tool from RADAR allows users to access a library containing hundreds of global privacy laws, rules, and regulations to stay current on existing and proposed legislation. Features in this tool include: Interactive maps to quickly identify notification laws pertaining to a designated U.S. state. Up-to-date overviews of global breach notification laws and all 50 U.S. state regulations. Incident risk assessment and data breach reporting requirements - as well as penalties for non-comp... Read More

Irish DPC assessing possible Google data breach

(Jul 15, 2019) Bloomberg reports the Irish Data Protection Commission is weighing whether it will launch an investigation into a possible data breach of Google. The tech giant filed a data breach notification to the DPC last week following reports out of Belgium that contractors had been able to listen to users' audio from Google Assistant. “We just learned that one of these language reviewers has violated our data security policies by leaking confidential Dutch audio data,” Google said in a blog post respondi... Read More

Researcher reveals issues with companies enforcing GDPR

(Jul 15, 2019) According to Axios' cybersecurity newsletter Codebook, an Oxford University Ph.D. student has reported ways to work around the EU General Data Protection Regulation and violate others' privacy. James Pavur said he used a fake email account to try to obtain his fiancee's personal data from various companies. Of the 150 firms Pavur contacted, 83 reported that they had the data, and nearly 25% of those organizations gave Pavur access to the information. Mid-sized companies that are subject to the G... Read More