Fired Amazon employee shared customer email addresses with third party
In addition to firing the employee responsible for violating the company’s policies, Amazon referred the employee to law enforcement.
About SC Media
Privacy & Compliance News and Analysis
Zoom tries to make good on security, privacy promises
Bugcrowd CEO Ashish Gupta spoke with SC Media about his company’s support for Zoom’s bug bounty program and the strides he believes the teleconferencing platform has made to protect data and privacy.
Cloudflare announces free, privacy-focused website analytics
A free website analytics platform unveiled today by Cloudflare will offer services similar to Google and other analytics platform, but without tracking users. “The big ad-supported platforms were hoovering off more and more data on what was going on online and it had sort of crossed the creepiness threshold level,” Matthew Prince, chief executive of…
Leaked FinCEN files expose poor data security
Leaked documents, dubbed the “FinCEN Files,” describe global money laundering of $2 trillion processed by many of the world’s biggest banks between 2000 and 2017. The reveal illuminates the struggle for the financial industry and government to provide ironclad data protection. “This sensational and unprecedented leak clearly demonstrates a wide spectrum of data protection weaknesses…
Audit, Consulting, Professional/Legislative/Compliance Services, Featured, Privacy & Compliance News and Analysis, Security News
Security teams struggle to complete compliance audits under COVID
Don’t expect leniency from regulatory and certification bodies, but at least they are accommodating remote audits.
Commerce imposes prohibitions on TikTok, WeChat
After previously expressing support for Oracle’s planned partnering with TikTok, the Trump administration took a step back from the deal Friday with the Commerce Department putting prohibitions on transactions related to the video-sharing platform and, separately, on the mobile communications app WeChat, both owned by Chinese companies. President Trump had said at a Wednesday news…
APTs/cyberespionage, Corporate News, Government, Privacy & Compliance News and Analysis, Security News
Oracle will inherit TikTok security, privacy headaches
By partnering with the popular Chinese videosharing platform TikTok, Oracle will inherit a laundry list of security and privacy issues once the deal is approved, as soon as Sept. 20, by TikTok parent company ByteDance. TikTok boasts 100 million users in the U.S. and 689 million globally. Earlier this year President Trump threatened to ban…
Featured, Privacy & Compliance News and Analysis, Security News, Vulnerabilities, Web Services Security, E-Commerce Security, Website/Web Server Security
Accidental Airbnb account takeover linked to recycled phone numbers
As it turns out, websites and apps have experienced this commonplace problem for years, and companies could find themselves in violation of data security standards if users’ information were to be exposed.
George Floyd medical records breached; does ‘VIP’ data need bonus security?
Experts told SC Media that the auditing and reporting process is an important component of a health care organization’s data privacy strategy in order to catch violations, and that particular focus should be paid to “records that would be of high interest or curiosity.”
Slack users unwittingly phished with malicious payloads
Since late June, the platform’s file storage domain – slack-files.com – appeared to pop up with far more regularity on the Phish Alert Button, leading KnowBe4 researchers to surmise that Slack users using the referral URL domain, slack-redir.net, are being duped with malicious payloads, raising concerns. And if an attacker can penetrate an organization and take…
Want to read more?
Next post in Phishing
