iapp.org – Life Hope Labs reached a $16,500 settlement with DHHS over a potential violation of the HIPAA Privacy Rule’s right of access provision. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1610803439369424896
Privacy litigation roundup: Geolocation tracking, children’s privacy, wrongful collection
iapp.org – Here’s a rundown of the latest news related to ongoing privacy litigation in the U.S. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1610833581902860290
Biometric database sold on eBay for $68
iapp.org – A US military-owned biometric database containing personal and biometric data on 2,632 individuals was sold privately on eBay. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1610954518493110272
ACLU pitches biometric privacy bill to US state legislatures
iapp.org – Consumer advocates are lobbying for U.S. state legislatures to take up consumer-focused biometric privacy bills during 2023 legislative sessions. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1610984818161876992
Insurance Journal’s Top Cyber Stories of 2022
insurancejournal.com – From growing ransomware attacks to navigating a remote work environment to regulatory developments to a challenging insurance landscape, 2022 proved to be
CNIL issues 60M euro cookie fine to Microsoft
iapp.org – France’s data protection authority fined Microsoft 60 million euros for alleged third-party cookie violations. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1610562043790200833
Belarus implements cross-border transfer rules
iapp.org – An order by Belarus’ National Center for Personal Data Protection implements rules for the cross-border transfer of personal data. Tweeted by @PrivacyPros https://twitter.com/PrivacyPros/status/1610622479852085249
Cyber Insurance Themes to Look Out for in 2023
insurancejournal.com – As the Roman God Janus (for which of course the month January takes its name) reflects both looking backwards and forwards in transition, the dawn of a
Quebec’s French-First Law Stokes Alarm in Business Community Over Language Police
insurancejournal.com – Businesses in Quebec are looking at all the usual hurdles as they plan for next year: Inflation, supply chains, employee turnover. And then there’s the
Google Paying Indiana $20M to Resolve Privacy Suit
insurancejournal.com – Google will pay Indiana $20 million to resolve the state’s lawsuit against the technology giant over allegedly deceptive location tracking practices,
Top ERP Firm Exposed Half a Million Indian Job Seekers Data
hackread.com – At the time of writing, the misconfigured server was still exposing data to public without any security authentication or password. Tweeted by @hak1mlukha https://twitter.com/hak1mlukha/status/1610123777979068416
RedZei Chinese Scammers Targeting Chinese Students in the U.K.
thehackernews.com – Chinese international students in the U.K. have been facing persistent scams for over a year by Chinese-speaking fraudsters. Tweeted by @JinibaBD https://twitter.com/JinibaBD/status/1609979386974846982
Monarch of North Carolina Announces Data Breach | JD Supra
jdsupra.com – On December 16, 2022, Monarch filed notice of a data breach with the Massachusetts Attorney General as well as the U.S. Department of Health and Human Services Office for Civil Rights… Tweeted by @DevaOnBreaches https://twitter.com/DevaOnBreaches/status/1609717046039941120
Another sports betting entity, BetMGM, suffered a data breach
izoologic.com – The sports betting company BetMGM has admitted that they have experienced a data breach attack resulting in user data theft. Tweeted by @iZOOlogic https://twitter.com/iZOOlogic/status/1609565186486149124
Saudi Arabia’s Alwsata Real Estate Co. Targeted, 14 GB Data Exposed
thecyberexpress.com – Alwsata Real Estate Co is a Saudi Arabian company that deals with housing, rent, accommodations, and mortgage housing opportunities in the region. Tweeted by @TheCyberExpress https://twitter.com/TheCyberExpress/status/1609811193635704841
Ransomware gang cloned victim’s website to leak stolen data
bleepingcomputer.com – The ALPHV ransomware operators have gotten creative with their extortion tactic and, in at least one case, created a replica of the victim’s site to publish stolen data on it. Tweeted by @hhtsecurity https://twitter.com/hhtsecurity/status/1609865622560587776
Medibank faces new year reckoning over hack attacks
smh.com.au – Regulators and proxy advisers have already made it clear that the health insurer’s high command should suffer repercussions, both in terms of pay and job loss, for presiding over the biggest data bre… Tweeted by @StanleyEpstein https://twitter.com/StanleyEpstein/status/1609811351408463873
Scripps ransomware settlement letters arriving in mailboxes
sandiegouniontribune.com – Organization declines to disclose total amount it will pay to those whose records were taken in 2021 Tweeted by @CSA2LLC https://twitter.com/CSA2LLC/status/1609263269876727811
N.J. hospital halts admitting patients after cybersecurity issue
nj.com – The Freehold facility has stopped admitting new patients because of a cybersecurity issue. Tweeted by @riskigy https://twitter.com/riskigy/status/1609200713858486273
Data Breaches Digest – Week 52 2022
dbdigest.com – Daily Digest of Global Data Breaches and Cyber Security News and Advice Tweeted by @the_unswerving https://twitter.com/the_unswerving/status/1609349293139181569