Leading Self-Encrypting Drives Compromised, Patched.

Earlier this week, security researchers revealed that certain SEDs (self-encrypting drives) sold by some of the leading brands in the consumer data storage industry had flaws in its full disk encryption.   Bad Implementation One of the easiest ways to protect one’s data is to use full disk encryption (FDE). As the name implies, FDE […] read more

Google and Google+ : Data Breach or Not?.

This week’s revelation that Google covered up a data breach connected to Google+, the much-unused Facebook-competitor, has spilled a lot of digital ink. Unsurprisingly, most of it is unsympathetic to Google. One exception was an article at theverge.com, where it noted that “the breach that killed Google+ wasn’t a breach at all.” And, on the […] read more

Anthem Data Breach Settled for $115M, Despite Having “Reasonable” Security.

Last week, a federal judge approved a settlement – the largest to date when it comes to data breaches – that is historic and yet falls flat: Anthem, the Indianapolis-based insurer, has agreed to pay a total of $115 million to settle all charges related to its 2015 data breach. The breach, strongly believed to […] read more

Yahoo Penalized £250,000 By UK Information Commissioner’s Office.

It was reported this week that the United Kingdom’s Information Commissioner – the person whose department is in charge of upholding the nation’s data privacy laws – has penalized Yahoo! UK Services Limited with the amount of £250,000. The penalty is in response to the global data breach Yahoo experienced, and hid, for over two […] read more

Australia’s Notifiable Data Breaches Law Nets 31 Reports In 3 Weeks.

A new Australian law appears to be succeeding in finally unveiling the current state of data breaches in the Land Down Under. According to a release by the country’s information commissioner’s office (the OAIC), thirty-one data breaches were reported to the government since the law took effect on February 22, 2018.   Notifiable Data Breach […] read more

Uber Being Investigated For 2016 Data Breach.

Uber, the ride-sharing Silicon Valley unicorn, is… still in the news. They say that all publicity is good publicity – even the bad ones – but Uber is really taking that saying to its limits, it seems. This week, it was revealed that the company had been hiding a massive data breach that occurred over […] read more

Hilton To Pay $700,000 Over 2015 Data Breach, Slow Notifications.

The New York attorney general has announced a $700,000 settlement with Hilton Worldwide Holdings over issues related to the two data breaches that occurred in 2014 and 2015. $400,000 will go to New York. The remaining goes to Vermont which collaborated in the investigation.   Reported Breaches Late, In November 2015 Multinational corporations being hacked […] read more

FBI Unable to Access 7000 Encrypted Devices in 2017.

At the International Association of Chiefs of Police conference, held in Philadelphia last week, Federal Bureau of Investigation Director Christopher Wray noted that the FBI has nearly 7,000 encrypted devices it cannot access. Per the phillyvoice.com: In the first 11 months of the fiscal year [2017], federal agents were unable to access the content of […] read more

47.5 GB of PHI Left Exposed on the Cloud. (That’s 316,000 PDFs).

According to gizmodo.com, security researchers at Kromtech Security Center found a wide-open Amazon Web Services (AWS) bucket that contained over 300,000 PDFs, each one a medical file that would fall under the governance of the Health Insurance Portability and Accountability Act (or HIPAA which, arguably, finally jumpstarted the drive towards encrypting sensitive digital files thanks […] read more