Irish DPC not currently investigating Google for location-tracking practices

(Aug 17, 2018) A spokesman for Ireland’s data protection commissioner said the agency is not currently investigating Google for tracking location data on mobile devices without their consent, The Irish Independent reports. Irish Data Protection Commissioner Helen Dixon cannot look into the practices unless a citizen were to make a complaint with the agency, as Google has not finished the data protection registration process it needs to complete following the implementation of the EU General Data Protection Reg... Read More

Judge approves $115M Anthem data breach settlement

(Aug 17, 2018) U.S. District Court for the Northern District of California Judge Lucy Koh approved Anthem’s $115 million settlement for its 2015 data breach, Bloomberg Law reports. Anthem had reached the settlement with 19.1 million of its customers in June while maintaining it did not conduct any wrongdoing. The class group will receive a pool of $15 million, with each member potentially claiming up to $10,000 to cover out-of-pocket expenses tied to the breach, as well as free credit monitoring. Anthem also a... Read More

Wisconsin county suffers data breach affecting 258K citizens

(Aug 17, 2018) The personal information of 258,120 citizens has been exposed in a data breach affecting the computer system belonging to Adams County in Wisconsin, HealthITSecurity reports. An investigation found unauthorized individuals gathered usernames and passwords to the systems, accessing personal data, personal health information, and tax information from various departments in the county, such as the Veteran Service Office, Health and Human Services, and the Extension Office. Any data stored on the ne... Read More

AT&T sued for $224M following theft of customer's cryptocurrency

(Aug 17, 2018) Krebs on Security reports a man is suing AT&T for $224 million after hackers compromised his mobile account in order to steal millions of dollars in cryptocurrencies. Michael Terpin claims malicious actors were able to tie a new SIM card and mobile phone to a device they had in their control, allowing the ability to take over his AT&T account. The hackers then changed the credentials to his cryptocurrency accounts, stealing nearly $24 million in digital currency. In his complaint, Terpin... Read More

Employers accused of violating Illinois biometric privacy law

(Aug 16, 2018) An employee has filed a lawsuit against a pair of companies for allegedly violating the Illinois Biometric Information Privacy Act, the Cook County Record reports. The plaintiff claims AGCO Corp. and Ceridian HCM Inc. scan employees’ fingerprints to track and log work hours but never informed the staff about why the information was collected and how long it was going to be held. The companies allegedly shared the biometric data with third parties and have run afoul of the Illinois law by never d... Read More

Privacy, security concerns fuel interest in health care biometrics

(Aug 16, 2018) HealthITSecurity reports biometrics are receiving more attention within the health care industry due to concerns around privacy and security. A study conducted by Verified Market Intelligence finds the health care biometric market will grow at a 19.1 percent compound annual growth rate through 2025, potentially going as high as $5.7 billion. The projected surge in biometrics is due to an increase in data breach cases in health care, as well as an increase in overall funding for health care biome... Read More

Study: 2.6B records compromised in 2018

(Aug 16, 2018) A study conducted by Risk Based Security found 2.6 billion records have been compromised in the first half of 2018, the Silicon Republic reports. In its “Mid-Year 2018 Data Breach QuickView” report, the infosec firm found 2,308 data breaches have been publicly announced. The number of compromised records and reported breaches is actually down from the same point in 2017. Risk Based Security found 2,439 data breaches exposed 6 billion records at last year’s midway point. A study from Juniper Rese... Read More

FBI announces 5 leadership appointments

(Aug 15, 2018) U.S. Federal Bureau of Investigation Director Christopher Wray announced five leadership appointments. Amy Hess was named executive assistant director of the Criminal, Cyber, Response, and Services Branch; Matt Gorham as the assistant director of the Cyber Division; Brian Boetig as the assistant director of the Weapons of Mass Destruction Directorate; Michael Gavin as the assistant director of the IT Applications and Data Division; and Marlin Ritzman as the assistant director of the Information ... Read More

CDC bringing blockchain to its EHR data-sharing system

(Aug 13, 2018) The Centers for Disease Control and Prevention is teaming up with the National Center for Health Statistics and IBM for a pilot program designed to incorporate blockchain into its electronic health records data-sharing system, GCN reports. The program will use the technology to gather and secure data and metadata collected from EHRs, allowing the CDC and other users to see all data transactions for subjects who have given their consent. The goal of the pilot program is to increase transparency i... Read More

Notes from the IAPP Publications Editor, August 10, 2018

(Aug 10, 2018) Greetings from Portsmouth, NH, Though we're in the heart of the summer, many infosec and privacy pros traveled to Las Vegas this week to brave 110-degree desert temps. At least it's a dry heat, right? The annual Black Hat USA Conference, sidled by the more low key Defcon, reportedly drew its biggest crowd this year. And though it's one of the premier security events in the world, privacy was top of mind. To wit: Black Hat founder Jeff Ross, also known on Twitter as the Dark Tangent, discussed ... Read More