Privacy & Compliance news & analysis | SC Media

Privacy & Compliance News and Analysis

Twitter hackers accessed direct messages for 36 accounts

The hackers who ran a cryptocurrency scam using high-profile, verified Twitter accounts, including those belonging to Joe Biden, Apple, Bill Gates, Uber and Barack Obama, accessed the direct messages (DMs) of 36 accounts and downloaded account data from eight accounts via “Your Twitter Data.” There is no indication that the DMs of any former or…

U.K. Covid-19 Test and Trace violated GDPR

The U.K. government violated data privacy regulated Europe’s GDPR by implementing a NHS Test and Trace program to monitor the spread of COVID-19 without also establishing a required Data Protection Impact Assessment (DPIA). Privacy advocacy organization Open Rights Group (ORG) issued a complaint against Public Health England (PHE), which launched the program on May 28,…

EU court kills Privacy Shield, wreaks havoc on digital economy

The EU court decision in the Schrems II case that effectively kills the Privacy Shield pact hammered out four years ago between the U.S. and EU could cripple multinational companies’ ability to operate as they scramble to scrutinize their data transfer mechanisms. “This is a stunning and completely unexpected decision. In invalidating the Privacy Shield framework,…

Is TikTok out of time? Experts mull implications of ban

Edicts by Wells Fargo, India and the U.S. military forbidding use of popular Chinese video-sharing app TikTok, may portend a national ban and raise questions if such a prohibition would be practical and enforceable, and what the greater implications would be. Owned by Beijing-based internet technology company ByteDance, TikTok has been downloaded more than 2…

Revengeful hacker leaks database info after researcher threatens to reveal identities

A hacker going by the name of NightLion apparently breached the backend servers at data leak monitoring service DataViper and exfiltrated data, including more than 8,200 databases, as an act of revenge against a security researcher who plans to reveal the identity of Shiny Hunters, Gnostic Players, #TheDarkOverlord and other subgroups. DataViper, managed by Night…

Flaws in SETracker watch app posed danger to dementia patients

Security researchers found flaws in a smart tracker that was aimed at the elderly, especially those with dementia or other cognitive issues. In research released late this week, Pen Test Partners found flaws in source code that the manufacturer posted publicly. Most of the watches use SETracker as a backend, an app owned by the…

money

Frequency, size of fines for failing to secure data will grow by 2025, report

A little over two years since GDPR took effect and a few days after California began to enforce the CCPA, a study found more than one-third – 37 percent – of U.K. cybersecurity professionals expect the number and monetary amount of fines their employers face for not adequately safeguarding data will increase by 2025 even…

Personal home router

Home routers largely unpatched, raising risk during Covid-19 WFH

Employers who have suddenly shifted a large percentage of their workforce to remote due to Covid-19 no doubt will shudder by the findings of a new Fraunhofer Institute for Communication, Information Processing and Ergonomics study that concluded no home router was without security vulnerabilities. The German tech think tank analyzed 127 home routers from seven…

EARN IT passes Senate Judiciary, stokes concerns over erosion of end-to-end encryption

Proponents of the Eliminating Abusive and Rampant Neglect of Interactive Technologies Act (EARNIT) might tout its tough stance on online child sexual abuse material but privacy and digital rights advocates contend the bill, just passed by the Senate Judiciary Committee, will erode end-to-end encryption. EARN IT revokes Section 230 protection for internet intermediaries for what…

Next post in Encryption/Data Security