H&M not alone: Companies often fall short in privacy protections for employees
Many businesses treat information about their own employees differently than that of customers, which could place them squarely in violation of privacy regulations.
About SC Media
Compliance
Featured, Privacy & Compliance, Security News, Vulnerabilities, Web Services Security, E-Commerce Security, Website/Web Server Security
Accidental Airbnb account takeover linked to recycled phone numbers
As it turns out, websites and apps have experienced this commonplace problem for years, and companies could find themselves in violation of data security standards if users’ information were to be exposed.
George Floyd medical records breached; does ‘VIP’ data need bonus security?
Experts told SC Media that the auditing and reporting process is an important component of a health care organization’s data privacy strategy in order to catch violations, and that particular focus should be paid to “records that would be of high interest or curiosity.”
5 Steps organizations should take to ensure CCPA compliance
Now that the California Consumer Privacy Act has officially taken effect, follow these 5 steps to ensure compliance, even if your organization is outside the Golden State. According to the Identity Theft Resource Center, more than 164 million consumer records containing personally identifiable information (PII) were exposed in data breaches in 2019. Seemingly every week…
Kentucky is 6th state to disclose leak of unemployment claims amid Covid-19
Kentucky has become the sixth state to disclose a data leak related to unemployment-related forms that has taken place during the Covid-19 pandemic. The Kentucky Education & Workforce Development Cabinet (EWDC) on Thursday acknowledged that a vulnerability in its Unemployment Insurance Portal caused a data leak that allowed insurance claimants to view the identity verification…
Colorado, Florida & Ohio become latest states to disclose PUA program data leaks
Colorado, Ohio and Florida have become the latest states to disclose the accidental exposure of information belonging to citizens who applied to the federal Pandemic Unemployment Assistance program as a means of seeking some financial security during the ongoing COVID-19 crisis. In all cases, the states said a very limited number of people inadvertently gained…
Application Security, Coronavirus, Mobile Security, Privacy & Compliance, Research, Security News, Web Services Security, E-Commerce Security
Device owners demand opt-out power from COVID-19 contact tracing apps
To encourage widespread acceptance of Bluetooth-based COVID-19 contact tracing applications, developers should allow consumers to opt out of data sharing at any time, and they should also be more forthcoming about their security efforts and data usage, according to the results of a new survey. For the study, Checkmarx polled 1,500 Americans and found that…
Paay open database exposes 2.5M transactions, challenges PCI compliance
The start-up payment processing firm Paay that promotes itself as providing extra security to online transactions called that claim into question when it misconfigured a payment card database, exposing 2.5 million credit card transactions and raising concerns over PCI compliance. New York-based Paay was exposed by security researcher Anurag Sen who found transaction information that…
ACLU: Privacy Concerns abound over location tracking to stop Covid-19 spread
Mobile location data may seem like a promising tool for health officials racing to blunt the frightening spread of COVID-19, but the ACLU warned this week that accuracy issues may limit its effectiveness while raising significant privacy concerns. As the coronavirus sweeps the U.S., sending Americans to the hospital in record numbers and racking up…
Google faces new legal action for violating COPPA
The millions of children now taking online elementary school classes due to COVID-19 has proven to be a boon for Google, however the huge increase in usage comes at a time when the company is being sued by two entities for violating state and federal child privacy regulations for its other learning tools. This week…
Next post in Privacy & Compliance
