Privacy & Compliance | SC Media Privacy & Compliance

Privacy & Compliance

Leaky Gekko Group database exposes info on hotel brands, travelers

European hotel booking platform provider Gekko Group mistakenly stored over 1 terabyte of information on a publicly configured server, exposing troves of data related to its hotel B2B clients, as well as travel agents and their customers. The majority of the exposed data was collected by Gekko brands Teldar Travel, which provides a booking system…

It’s privacy vs. innovation as Google collects data on 50 million medical patients

Google and health care provider organization Ascension have publicly confirmed a recent report that the two companies have embarked on a massive initiative to aggregate the data of roughly 50 million patients and store it on the cloud. The companies say it will improve patient care and administration, but the strategy has also sparked concern…

With election on horizon, U.K.’s Labour Party contends with DDoS attacks

The U.K. Labour Party’s digital platforms have been the target of distributed denial of service attack activity since yesterday, impeding access to the political body’s main website. The initial wave of DDoS attacks took place on Nov. 11. Multiple news reports today quoted a Labour Party spokesperson as saying that the barrage of fake traffic…

Automakers pen 'privacy principles' for in-car technology

California DMV exposed drivers’ SSN details to federal gov’t officials

For at least the last four years, the California Department of Motor Vehicles had mistakenly given seven government entities access to Social Security number information pertaining to roughly 3,200 drivers and license applicants, the state agency has admitted in a data breach notification. “You are being sent the attached Notice regarding the disclosure of Social…

Google fined $170M for allegedly improper collection of kids’ data from YouTube channels

The Federal Trade Commission and New York Attorney General’s office today announced that Google and its subsidiary YouTube agreed to an unprecedented $170 million in fines for allegedly using cookies to harvest personal data from minors without parental consent and then serve behavioral ads based on this information. Such actions are in violation of the…

Facebook publicly releases emails related to data scraping, Cambridge Analytica

Facebook late last week released a string of emails that discuss the social media giant’s internal conversation over the possibility that some Facebook contractors were violating the company’s terms of service when extracting data from profiles. The documents were released due to agreement between Facebook and the District of Columbia attorney general’s office. Facebook originally…

UK businesses far more confident re GDPR than their European counterparts

Researcher: GDPR’s Right of Access policy can be abused to steal others’ personal info

An Oxford University scholar says he was able to trick dozens of European companies into sending him sensitive data about his fiancée, simply by impersonating her while invoking GDPR’s “Right of Access” policy. Doctor of philosophy student James Pavur, who presented his research findings Thursday at the Black Hat conference in Las Vegas, exploited the policy…

FTC levies historic fine on Facebook for privacy violations

The U.S. Federal Trade Commission today announced that it has penalized Facebook $5 billion as punishment for what it described as deceptive privacy practices, and imposed new restrictions on the social media giant. Facebook likewise announced that it has agreed to the terms of the deal. In conjunction, the Department of Justice officially filed a…

Computer password inventor Fernando Corbató dies at 93

Pioneering computer scientist Fernando “Corby” Corbató, regarded as the inventor of the computer password and a key contributor in the development of time-sharing computer systems, died last Friday, July 12, in Newburyport, Massachusetts at the age of 93. Corbató’s Compatible Time-Sharing System (CTSS) allowed multiple users to work on a computer simultaneously, according to an…

Next post in Network Security