Privacy & Compliance news & analysis | SC Media

Privacy & Compliance News and Analysis

Firefox announces Enhanced Tracking protection

Mozilla’s Firefox announced it will not enable Enhanced Tracking Protection (ETP) by default while at the same time updating Facebook Container, Firefox Monitor and Lockwise. The updated features mean Firefox will now block known third-party trackers by default making it more difficult for thousands of companies to track moves, according to a June 4 blog…

Calif. Assembly passes CCPA amendment that would exclude employee data from protections

The California Assembly on May 29 passed AB 25, an amendment to the California Consumer Privacy Act of 2018 that would exclude employees and job applicants from the legislation’s definition of “consumer.” The proposed law, which passed unanimously 77-0-3, is now in the hands of the California Senate. Under the terms of the amendment, an…

Assange won’t face charges for Vault 7 releases, report

The Justice Department reportedly won’t indict WikiLeaks founder Julian Assange for his part in the release of the CIA’s Vault 7 hacking tools in part because it would require revealing top secret information that could compromise the intelligence community’s activities. While the government’s recent decision to prosecute Assange under the Espionage Act was both surprising…

Researchers observe databases being encrypted, websites held for ransom

Theta360 leak exposes 11 million photos, user data

An open database exposed at least 11 million photographs after the Theta360 photo sharing system run by Ricoh was breached. “The data breach exposed thousands of users’ photos, many of whom chose to keep their images private,” according to a blog post from vpnMonitor, whose researchers, Noam Rotem and Ran Locar, discovered the database. “The breach…

Nonprofit People Inc. info exposed after two employee email accounts breached

Nonprofit People Inc. has notified nearly 1,000 of its current and former clients that personal information was exposed after email accounts of two employees had been breached. The organizations said it discovered on February “that an unknown individual had gained access to an email account belonging to a People Inc. employee,” according to an alert. …

Exposed files saw 50 percent uptick in last year

In the year since the Digital Shadows Photon Research Team released its “Too Much Information” report, the volume data exposed through online files stores like Amazon S3 buckets, SMB-enabled file shares, and network attached storage (NAS) drives increased 50 percent – or 750 million files – in with researchers finding 2.3 billion files exposed. The…

Leaky Chinese database exposes 42.5 million records from data apps

An unsecured Elastic database seemingly owned by an entity in China has exposed 42.5 million records of dating app users, most of them American. “The strange thing about this discovery was that there were multiple dating applications all storing data inside this database,” security researcher Jeremiah Fowler, who discovered the database, wrote in a blog…

WordPress Slick Popup plugin could leave backdoor open to hackers

A vulnerability in the plugin Slick Popup lets hackers get into a WordPress website through a backdoor administrator account. The flaw, found in all versions of Slick Popup up to 1.71 and discovered by researchers at Defiant, is in a feature designed to give the plugin’s developer, Om Ak Solutions, access to websites running Slick…

A hacker claims to have leaked vendor account information including encrypted passwords.

Events planning company database exposes more than 200,000 records

Australia-based events planning company Amazingco leaked more than 200,000 records after an Elastic database was left unprotected and accessible by anybody with a browser. The database, since shutdown, housed 174,000 records in a folder called “Customers,” that a folder contained “names, email, phone numbers, addresses, and notes about the events,” Jeremiah Fowler, the researcher who…

First American Financial website leaked 885 million documents

About 885 million documents, including bank account numbers, mortgage records, Social Security numbers, drivers’ license images and tax records, have been leaked by First American Financial Corp.’s website.’ Anyone with a web browser and a URL for a legitimate document could access the real estate title company’s records, according to a report by KrebsOnSecurity, which…

Next post in Security News