California Looking To Label Biometric Data As “Personal Information”.

California was the first state in the US to pass a data breach notification law, all the way back in 2003. In the intervening fifteen years, all states have passed similar laws. The federal government has repeatedly attempted to pass one as well, so far without success. The need for federal legislation, one that would […] read more

Judge Says Biometric Locks Protected By 5th Amendment.

The battle over privacy in the digital age ratcheted up last week. According to a California judge, the Fifth Amendment – the right not to incriminate oneself – protects people from being forced to bypass a smartphone’s encryption via the use of irises, fingerprints, facial recognition, and other similar methods. Obviously, this means a warrant […] read more

Leading Self-Encrypting Drives Compromised, Patched.

Earlier this week, security researchers revealed that certain SEDs (self-encrypting drives) sold by some of the leading brands in the consumer data storage industry had flaws in its full disk encryption.   Bad Implementation One of the easiest ways to protect one’s data is to use full disk encryption (FDE). As the name implies, FDE […] read more

Google and Google+ : Data Breach or Not?.

This week’s revelation that Google covered up a data breach connected to Google+, the much-unused Facebook-competitor, has spilled a lot of digital ink. Unsurprisingly, most of it is unsympathetic to Google. One exception was an article at theverge.com, where it noted that “the breach that killed Google+ wasn’t a breach at all.” And, on the […] read more

Anthem Data Breach Settled for $115M, Despite Having “Reasonable” Security.

Last week, a federal judge approved a settlement – the largest to date when it comes to data breaches – that is historic and yet falls flat: Anthem, the Indianapolis-based insurer, has agreed to pay a total of $115 million to settle all charges related to its 2015 data breach. The breach, strongly believed to […] read more

Yahoo Penalized £250,000 By UK Information Commissioner’s Office.

It was reported this week that the United Kingdom’s Information Commissioner – the person whose department is in charge of upholding the nation’s data privacy laws – has penalized Yahoo! UK Services Limited with the amount of £250,000. The penalty is in response to the global data breach Yahoo experienced, and hid, for over two […] read more

Australia’s Notifiable Data Breaches Law Nets 31 Reports In 3 Weeks.

A new Australian law appears to be succeeding in finally unveiling the current state of data breaches in the Land Down Under. According to a release by the country’s information commissioner’s office (the OAIC), thirty-one data breaches were reported to the government since the law took effect on February 22, 2018.   Notifiable Data Breach […] read more

Uber Being Investigated For 2016 Data Breach.

Uber, the ride-sharing Silicon Valley unicorn, is… still in the news. They say that all publicity is good publicity – even the bad ones – but Uber is really taking that saying to its limits, it seems. This week, it was revealed that the company had been hiding a massive data breach that occurred over […] read more

Hilton To Pay $700,000 Over 2015 Data Breach, Slow Notifications.

The New York attorney general has announced a $700,000 settlement with Hilton Worldwide Holdings over issues related to the two data breaches that occurred in 2014 and 2015. $400,000 will go to New York. The remaining goes to Vermont which collaborated in the investigation.   Reported Breaches Late, In November 2015 Multinational corporations being hacked […] read more