Privacy & Compliance | SC Media

Privacy & Compliance

Kentucky is 6th state to disclose leak of unemployment claims amid Covid-19

Kentucky has become the sixth state to disclose a data leak related to unemployment-related forms that has taken place during the Covid-19 pandemic. The Kentucky Education & Workforce Development Cabinet (EWDC) on Thursday acknowledged that a vulnerability in its Unemployment Insurance Portal caused a data leak that allowed insurance claimants to view the identity verification…

Colorado, Florida & Ohio become latest states to disclose PUA program data leaks

Colorado, Ohio and Florida have become the latest states to disclose the accidental exposure of information belonging to citizens who applied to the federal Pandemic Unemployment Assistance program as a means of seeking some financial security during the ongoing COVID-19 crisis. In all cases, the states said a very limited number of people inadvertently gained…

Device owners demand opt-out power from COVID-19 contact tracing apps

To encourage widespread acceptance of Bluetooth-based COVID-19 contact tracing applications, developers should allow consumers to opt out of data sharing at any time, and they should also be more forthcoming about their security efforts and data usage, according to the results of a new survey. For the study, Checkmarx polled 1,500 Americans and found that…

Paay open database exposes 2.5M transactions, challenges PCI compliance

The start-up payment processing firm Paay that promotes itself as providing extra security to online transactions called that claim into question when it misconfigured a payment card database, exposing 2.5 million credit card transactions and raising concerns over PCI compliance. New York-based Paay was exposed by security researcher Anurag Sen who found transaction information that…

ACLU: Privacy Concerns abound over location tracking to stop Covid-19 spread

Mobile location data may seem like a promising tool for health officials racing to blunt the frightening spread of COVID-19, but the ACLU warned this week that accuracy issues may limit its effectiveness while raising significant privacy concerns. As the coronavirus sweeps the U.S., sending Americans to the hospital in record numbers and racking up…

Every presidential campaign website executes suspicious third-party code

An analysis of 11 presidential campaign websites performed last September and again in December found multiple instances of potentially risky third-party code, unwanted code execution and unauthorized data tracking. According to a new report from The Media Trust, 81 percent of executing code on these websites was not internally developed, but rather from external third-party…

How privacy and security affect product design

The proliferation of new privacy and security laws imposes diverse, complicated, and at times inconsistent compliance requirements on organizations that handle personal data. Not only do these laws require the protection of individual privacy from intrusion, many of them also involve public concerns like national security and defense, protecting critical infrastructure, social interest, community safety…

antivirus

Czech authorities investigating Avast over recent data collection practices

The Czech Republic’s Office for Personal Data Protection (DPA) said in a brief statement today that it has launched a preliminary investigation into Avast Software s.r.o., following reports that the Prague-based antivirus company collected data from users of its free AV product and sold it via a separate business division. “At the moment we are…

Next post in Security News