UK’s Police Federation hit by ransomware

The U.K.’s Police Federation has confirmed it’s been hit by a cyberattack. The union-like organization, representing 119,000 police officers across the 43 forces in England and Wales, described the event as ransomware in a statement shared on Twitter. The ransomware attack hit computers at the federation’s Surrey headquarters on March 9, but was only revealed […]

View More UK’s Police Federation hit by ransomware

Gearbest security lapse exposed millions of shopping orders

Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, security researchers have found. Security researcher Noam Rotem found an Elasticsearch server leaking millions of records each week, including customer data, orders, and payment records. The server wasn’t protected with a password, allowing anyone to search the data. Gearbest ranks […]

View More Gearbest security lapse exposed millions of shopping orders

LinkedIn forced to ‘pause’ mentioned in the news feature in Europe after complaints about ID mix-ups

LinkedIn has been forced to ‘pause’ a feature in Europe in which the platform emails members’ connections when they’ve been ‘mentioned in the news’. The regulatory action follows a number of data protection complaints after LinkedIn’s algorithms incorrect matched members to news articles — triggering a review of the feature and subsequent suspension order. The […]

View More LinkedIn forced to ‘pause’ mentioned in the news feature in Europe after complaints about ID mix-ups

California to close data breach notification loopholes under new law

California, which has some of the strongest data breach notification laws in the U.S., thinks it can do even better. The golden state’s attorney general Xavier Becerra announced a new bill Thursday that aims to close loopholes in its existing data breach notification laws by expanding the requirements for companies to notify users or customers […]

View More California to close data breach notification loopholes under new law

Even the IAB warned adtech risks EU privacy rules

A privacy complaint targeting the behavioral advertising industry has a new piece of evidence that shows the Internet Advertising Bureau (IAB) shedding doubt on whether it’s possible to obtain informed consent from web users for the programmatic ad industry’s real-time bidding (RTB) system to broadcast their personal data. The adtech industry functions by harvesting web users’ data, […]

View More Even the IAB warned adtech risks EU privacy rules

What business leaders can learn from Jeff Bezos’ leaked texts

Joel Wallenstrom Contributor Joel Wallenstrom is president and chief executive of Wickr, a secure communications company. Before Wickr, Joel co-founded iSEC Partners, one of the world’s leading information security research teams, later acquired by NCC Group, and served as Director for Strategic Alliances at @stake, one of the very first computer security companies in the […]

View More What business leaders can learn from Jeff Bezos’ leaked texts

ClassPass, Gfycat, StreetEasy hit in latest round of mass site hacks

In just a week, a single seller put close to 750 million records from 24 hacked sites up for sale. Now, the hacker has struck again. The hacker, whose identity isn’t known, began listing user data from several major websites — including MyFitnessPal, 500px and Coffee Meets Bagel, and more recently Houzz and Roll20 — earlier this week. […]

View More ClassPass, Gfycat, StreetEasy hit in latest round of mass site hacks

Marriott now lets you check if you’re a victim of the Starwood hack

Hotel chain giant Marriott will now let you check if you’re a victim of the Starwood hack. The company confirmed to TechCrunch that it has put in place “a mechanism to enable guests to look up individual passport numbers to see if they were included in the set of unencrypted passport numbers.” That follows a statement […]

View More Marriott now lets you check if you’re a victim of the Starwood hack

Hacker who stole 620 million records strikes again, stealing 127 million more

A hacker who stole close to 620 million user records from 16 websites has stolen another 127 million records from 8 more websites, TechCrunch has learned. The hacker, whose listing was the previously disclosed data for about $20,000 in bitcoin on a dark web marketplace, stole the data last year from several major sites — […]

View More Hacker who stole 620 million records strikes again, stealing 127 million more

Singapore says personal details of 14,200 HIV patients were posted online

For the second time inside a year, private health information belonging to people in Singapore has been compromised. Following a hack disclosed last summer that affected the patient records of up to 1.5 million citizens, Singapore’s Ministry of Health revealed today that personal details and the HIV-positive status of 14,200 people were posted online by a convinced […]

View More Singapore says personal details of 14,200 HIV patients were posted online

5 VPNs and password managers on sale in honor of International Data Security Day

Ladies, gentlemen, and everyone smart enough to know that gender is nothing but a social construct: Your attention, please.

It’s Data Privacy Day, y’all.
Recognized internationally, today’s “holiday” is meant to raise awareness about the importance …

View More 5 VPNs and password managers on sale in honor of International Data Security Day

Massive mortgage and loan data leak gets worse as original documents also exposed

Remember that massive data leak of mortgage and loan data we reported on Wednesday? In case you missed it, millions of documents were found leaking after an exposed Elasticsearch server was found without a password. The data contained highly sensitive financial data on tens of thousands of individuals who took out loans or mortgages over […]

View More Massive mortgage and loan data leak gets worse as original documents also exposed