Privacy & Compliance news & analysis | SC Media Privacy & Compliance News and Analysis

Privacy & Compliance News and Analysis

Leaky Gekko Group database exposes info on hotel brands, travelers

European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. The majority of the exposed data was collected by Gekko brands Teldar Travel, which provides a booking system…

github_1439470

Report: GitHub repository exposes WeWork customer contracts

Data belonging to clients of shared workspace company WeWork was reportedly left exposed and accessible to the public via GitHub, while a web portal separately leaked information on prospective customers. Mossab Hussein, security researcher from Dubian-based spiderSilk, discovered the data mismanagement and reported it to Vice/Motherboard, which published a report on the findings today. The…

Nikki Haley used unclassified system for classified messages

Former UN Ambassador Nikki Haley sent classified information over an unclassified email system. As her staff was crafting her response to North Korea testing an intercontinental ballistic missile, Haley was communicating with them from home using her Blackberry 10 after losing her password to the classified system, according to documents obtained through a FOIA request…

Open database exposes 93K files on patients of substance abuse facilities

A misconfigured AWS s3 storage bucket reportedly exposed roughly 93,000 billing files that contain information on patients of three drug and alcohol addiction facilities operated by San Juan Capistrano, California-based Sunshine Behavioral Health, LLC. Patients at SBH’s Monarch Shores location in San Juan Capistrano; Chapters Capistrano facility in San Clemente, Calif.; and Willow Springs Recovery…

It’s privacy vs. innovation as Google collects data on 50 million medical patients

Google and health care provider organization Ascension have publicly confirmed a recent report that the two companies have embarked on a massive initiative to aggregate the data of roughly 50 million patients and store it on the cloud. The companies say it will improve patient care and administration, but the strategy has also sparked concern…

With election on horizon, U.K.’s Labour Party contends with DDoS attacks

The U.K. Labour Party’s digital platforms have been the target of distributed denial of service attack activity since yesterday, impeding access to the political body’s main website. The initial wave of DDoS attacks took place on Nov. 11. Multiple news reports today quoted a Labour Party spokesperson as saying that the barrage of fake traffic…

Automakers pen 'privacy principles' for in-car technology

California DMV exposed drivers’ SSN details to federal gov’t officials

For at least the last four years, the California Department of Motor Vehicles had mistakenly given seven government entities access to Social Security number information pertaining to roughly 3,200 drivers and license applicants, the state agency has admitted in a data breach notification. “You are being sent the attached Notice regarding the disclosure of Social…

facebook

Facebook app developers told to delete group member info

For the last 18 months some of Facebook’s developers have had access to private user information contained within some of the social media site’s groups. The information was accessible through the Facebook Group’s API which allowed those developing apps for a group to see information such as names and profile pictures in connection with group…

Steyer aide resigns after accessing volunteer data collected by Harris campaign

Presidential candidate Tom Steyer’s campaign said it doesn’t possess the volunteer voter data collected by Sen. Kamala Harris’s campaign that was lifted by Steyer aide Dwane Sims, who accessed the information via an account he had while working with the South Carolina Democratic Party. “We take this matter very seriously, and that is why we…

Next post in Security News