#DataPrivacy

What’s the Best Way to Communicate After a Data Breach?

by

December 20, 2023 at 08:05PM Organizations facing security incidents should prioritize clear and strategic communication. Ashley Sawatsky, a Senior Incident Response Advocate at Rootly, uses her expertise to offer essential tips. These include involving legal counsel, being proactive in notifying affected parties, providing regular updates, avoiding speculation, using cautious language, and preparing customer-facing teams. Ashley’s … Read more

Xfinity Data Breach Impacts 36 Million Individuals

by

December 20, 2023 at 07:51AM Comcast’s Xfinity recently disclosed a data breach affecting approximately 36 million individuals to US authorities. Hackers accessed customer data, including personal details and hashed passwords. The breach possibly impacts all Xfinity customers and employees. The attack exploited a Citrix Netscaler ADC and Gateway vulnerability named CitrixBleed, despite Xfinity’s prompt patch … Read more

Meta’s AI-Powered Ray-Bans Portend Privacy Issues

by

December 15, 2023 at 05:19PM Meta is introducing AI-integrated smart glasses through an early access program. By using the wake phrase “Hey Meta,” users can control features and access real-time information. However, concerns have been raised over extensive data collection and ambiguous privacy policies. The new glasses aim to address the underwhelming sales of the … Read more

Nearly a million non-profit donors’ details left exposed in unsecured database

by

December 13, 2023 at 05:31AM Close to a million records containing personally identifiable information of donors to non-profits were exposed in an online database owned by DonorView, provider of a fundraising platform for schools, charities, and religious institutions. The exposed data included donor names, addresses, phone numbers, emails, and payment methods, raising concerns about potential … Read more

Unveiling the Cyber Threats to Healthcare: Beyond the Myths

by

December 12, 2023 at 01:24PM Summary: The healthcare industry faces a significant cyber threat, with Electronic Health Records (EHRs) commanding high prices on the dark web. Ransomware attacks exploit the sector’s reliance on digital systems and patient care urgency. Healthcare organizations are urged to adopt vigilant, proactive strategies, including monitoring digital footprints on platforms like … Read more

23andMe responds to breach with new suit-limiting user terms

by

December 11, 2023 at 06:53AM 23andMe’s data breach revealed that 5.5 million sets of “DNA relatives” profiles were stolen, along with 1.4 million sets of Family Tree data. Additionally, hundreds of laptops stolen from a Bay Area tech company were recovered, and Henry Schein employees’ personal data was stolen in a ransomware attack. These incidents … Read more

Kenyan Digital Identity System Shelved Over Data Protection Concerns

by

December 8, 2023 at 11:29AM Kenya has halted the launch of its digital identification system, “Maisha Namba,” due to the lack of data-protection impact assessments. The High Court suspended the system, concerned with privacy rights violations and the unlawful collection of biometric and biographical data. The system is scheduled to be reviewed by the High … Read more

Apple Commissions Data Breach Study to Highlight Need for End-to-End Encryption

by

December 7, 2023 at 01:12PM An Apple-commissioned study indicates 2.6 billion personal data records were compromised in breaches over the last two years, underscoring the need for end-to-end encryption. Meeting Takeaways: 1. Apple commissioned a study focusing on data breaches. 2. The study found that 2.6 billion personal data records were compromised over the past … Read more

Governments May Spy on You by Requesting Push Notifications from Apple and Google

by

December 7, 2023 at 06:06AM U.S. Senator Ron Wyden revealed that governments have demanded mobile push notification data from Apple and Google. Such notifications pass through Apple and Google’s systems, potentially exposing app usage. Apple and Google confirmed receipt of requests but lacked transparency. Wyden urged them to disclose aggregate request statistics and inform affected … Read more

Meta Launches Default End-to-End Encryption for Chats and Calls on Messenger

by

December 7, 2023 at 01:54AM Meta introduces default end-to-end encryption for individual Messenger calls and messages, significantly enhancing privacy. This major update, resulting from extensive redesign and expert consultations, secures communications from sender to receiver. Group chat encryption remains in testing, with a new encrypted storage protocol, Labyrinth, enabling secure server-side message storage and recovery … Read more