Tech support scam caused massive data breach at Australian airline Qantas
It’s possible to leak PII describing 5.7 million people without breaching privacy rules
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
It’s possible to leak PII describing 5.7 million people without breaching privacy rules
Also, Venezuela Cyberattack, Endesa Confirms Breach and Telegram IP LeakThis week, a software flaw caused the Verizon outage. U.S. cyberattack in Venezuela. ICE identities published online. BreachForums users leaked. Spanish energy provider Endesa data breach. Telegram privacy risk. A MuddyWater upgrade. Dutch man sentenced for hacking a maritime port. A ServiceNow patch.
This week’s cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and governments are racing to plug new holes while arguing over privacy and control. And researchers keep uncovering just how much of our digital life is still wide open
Lobbying efforts gain ground as proposals carve myriad holes into regulations Privacy advocates are condemning the European Commission's leaked plans to overhaul digital privacy legislation, accusing officials of bypassing proper legislative processes to favor Big Tech interests.…
Also: Medicare Data Breach; Gartner Security & Risk Management Summit TakeawaysIn this week's update, ISMG editors discussed Iran-linked hackers claiming to steal emails from Trump's inner circle, how to refine application development in the age of AI, and a U.S. Medicare data breach amplifying concerns over the safety, security and privacy of federal health systems.
Fine Imposed for Failing to Protect Genetic Data in the United KingdomThe British data regulator imposed a 2.31 million-pound fine against bankrupt genetics research firm 23andMe for "serious" privacy violations tied to the company's 2023 hack and data leak. The breach impacted 155,592 individuals in the United Kingdom.
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks
Investment to Scale Engineering, Expansion from Data Deletion to Threat ReductionExecutive digital protection firm 360 Privacy raised $36 million to expand its engineering team and boost its ability to remove sensitive data from brokers. The company is shifting from a data deletion focus to broader threat mitigation, tackling risks from digital tracking and location data leaks.
State-led data privacy laws and commitment to enforcement play a major factor in shoring up business data security, an analysis shows.
Leaked draft report says stated goals still come up short Google's Privacy Sandbox, which aspires to provide privacy-preserving ad targeting and analytics, still isn't sufficiently private.…
PLUS: Juniper's support portal leaks customer info; Canada moves to ban Flipper Zero; Critical vulns Infosec In Brief Nearly half the citizens of France have had their data exposed in a massive security breach at two third-party healthcare payment servicers, the French data privacy watchdog disclosed last week.…
Plaintiffs Alleged Google Sought to Cover Up API Flaw That Exposed Private DataSilicon Valley giant Google agreed to settle for $350 million a shareholder lawsuit alleging it mislead investors by attempting to cover up a privacy flaw in now-defunct social network Google+ that resulted in outside applications having access to private profile information.
Many departments and groups see the benefits of using generative AI tools, which will complicate the security teams' job of protecting the enterprise from data leaks and compliance and privacy violations.
UK ICO issues call after damaging police leak
Unsophisticated attackers can pinpoint where a person lives by lifting metadata from Strava and other apps, even if they're using a feature specifically aimed at protecting their location information.
British American Tobacco, Samsung, also burgered up their infosec South Korea's Personal Information Protection Commission has fined McDonald's, British American Tobacco, and Samsung for privacy breaches.…
The Irish Data Protection Commission (DPC) has launched an inquiry regarding a massive Twitter data leak following last month's news reports that non-public information belonging to over 5.4 million Twitter user records has been leaked on a hacking forum. [...]
Plus Australia launches an investigation into insurer's data privacy practices Australian health insurer Medibank's prognosis following an October data breach keeps getting worse as criminals dumped another batch of stolen customer data on the dark web. …
Ireland's Data Protection Commission (DPC) has levied fines of €265 million ($277 million) against Meta Platforms for failing to safeguard the personal data of more than half a billion users of its Facebook service, ramping up privacy enforcement against U.S. tech firms
The platform lets network connectivity data escape outside of the secure tunnel when connected to a public network, posing a "privacy concern" for users with "certain threat models," researchers said.