Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.
An Australian company that issues identity cards for access to airports has been notifying applicants and cardholders that their personal information may have been compromised, according to a news report. Australian federal police are investigating.
The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.
Organizations in India must strive to quickly comply with the EU's GDPR, which is becoming a global standard, and also draft its own national privacy regulations, says Sanjay Sahay, additional director general, cyber, Karnataka Police.
Australian medical booking platform HealthEngine offered AU$25 (US$19) gift vouchers to dental patients who sent photos of their treatment invoices to the company, which it positioned to patients as "invaluable" research. Privacy experts say the company may have fallen afoul of Australian privacy guidelines.
Leading the latest edition of the ISMG Security Report: CipherTrace CEO Dave Jevans discusses recent research on cryptocurrency money laundering and whether regulation is possible. Plus, California passes a new privacy law.
In the age of GDPR, more organizations are looking to data classification - including more automated techniques for doing so - as a way to not only help them protect their crown jewels, but in the case of a breach quickly identify what went missing, says Digital Guardian's Tony Themelis.
A coding mistake by an electronic health records vendor has resulted in a data breach impacting thousands of United Kingdom patients. But the incident also serves as a reminder to healthcare entities in the U.S. and elsewhere about the variety of data privacy and security risks vendors can pose.
Google says it closely vets third-party party applications that peek into Gmail boxes. But an investigation by the Wall Street Journal raises questions if consumers are fully aware of the consequences of granting access to third-party apps and the practices of email-scanning companies.
The Virtual ID system that can be used in lieu of Aadhaar number for identity verification is now operational across banks and enterprises. However, UIDAI has extended its migration deadline to Aug. 31 to enable all organizations to be ready. Experts weigh in on the enterprise readiness for Virtual Aadhaar.
Companies are sending notification emails about a data breach at Typeform, a software-as-a-service platform for distributing and managing surveys, questionnaires and competitions. The breach is so far known to affect Travelodge, Fortnum & Mason, Monzo bank and the Tasmanian Electoral Commission.
Numerous technology firms now offer facial biometrics recognition search tools for big data sets. But information security expert Alan Woodward warns that these big data sets must be "considered and regulated very heavily" or else we'll be "living in 1984 without knowing it."
Facebook has responded to more than 2,000 questions posed by U.S. Senate and House committees with 747 pages of answers, which reveal that Facebook was still been providing special access to user data to dozens of companies, six months after it says it had stopped doing so in 2015.