Despite having the Information Technology Act, which covers aspects of privacy, India needs a separate privacy law along the lines of the EU's General Data Protection Act, argues cyber lawyer Vaishali Bhagwat.
This edition of the ISMG Security Report includes an analysis by Executive Editor Matthew J. Schwartz on President Donald Trump's changing views on election meddling, plus an update on voter data being accidently exposed by a robocalling company.
RoboCent, a company that specializes in robocalling voters, left nearly 3,000 files containing detailed data about Virginia voters online by mistake. The data has been secured, but the incident points again to ongoing problems of security misconfigurations in repositories and lack of end-to-end encryption.
A ministry of agriculture website in India lacks basic security measures, risking exposing personal data of millions of farmers who use the site to obtain crop insurance, a security practitioner who uses the site has pointed out.
Silicon Valley employees are increasingly calling on executives to restrict the use of facial recognition technology, mobilized in part by the U.S. government's previous policy of separating children from parents at the border. Experts say facial recognition regulations are needed - and quickly.
Asked in a press conference if he would denounce Russia for interfering in U.S. elections, President Trump responded with a conspiracy theory about a missing DNC server. Some security experts say Trump's response was nonsense and flies in the face of good digital forensics and incident response practice.
Medical laboratory testing firm LabCorp is investigating a weekend cyberattack on its IT network, which resulted in the company taking certain processes offline. The attack is just the latest cyber assault on the healthcare sector.
"We are living in difficult times ... when the government data is the most vulnerable," says Jayesh Ranjan, principal secretary-IT, electronics and communications & industries and commerce, government of Telangana. He calls for creating "a strong institutional mechanism" to tackle threats.
The hacking of an email account of a medical clinic employee during travels overseas demonstrates the risks posed to data when workers travel. Security experts offer insights on mitigating those risks.
Timehop, the social media app that resurfaces older social media posts for entertainment, says its ongoing investigation has revealed that an attacker may have compromised more personal information than it previously suspected over the course of a breach that lasted at least seven months.
Known losses due to business email compromise have exceeded $12.5 billion worldwide, the FBI's Internet Complaint Center reports, adding that fraudsters are increasingly targeting the U.S. real estate sector with such scams.
Hospitals need to improve their efforts to update the software in their medical devices to minimize vulnerability to malware, says Minatee Mishra, lead engineer, security center of excellence, at Philips Health Tech, India.
An Australian company that issues identity cards for access to airports has been notifying applicants and cardholders that their personal information may have been compromised, according to a news report. Australian federal police are investigating.