Physician’s personal email hacked; medical records of 7,000 patients potentially compromised

Physician’s personal email hacked; medical records of 7,000 patients potentially compromised

According to the report, a physician working at Calgary’s Richmond Road Diagnostic and Treatment Centre said that his personal Gmail account, which he used to transmit health information, has been hacked.“This breach is unacceptable and should never have occurred and we are certainly apologizing to our patients whose privacy may have been breached,” said Dr. Ted Braun, AHS vice president and medical director for central and southern Alberta.

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards — Krebs on Security

Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards — Krebs on Security

Hy-Vee, based in Des Moines, announced on Aug. 14 it was investigating a data breach involving payment processing systems that handle transactions at some Hy-Vee fuel pumps, drive-thru coffee shops and restaurants.

Cities Asked Ring to Share ‘Registry Lists’ of Customers Who Bought Surveillance Cameras

Cities Asked Ring to Share ‘Registry Lists’ of Customers Who Bought Surveillance Cameras

Cities and local police departments have asked Ring, Amazon's home security company, to share the names, home addresses, and email addresses of every person who has bought a home surveillance camera through taxpayer-funded subsidy programs Motherboard has learned.

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

Grant West , a 27-year-old resident of Kent, England, targeted several well-known companies around the world since 2015 to obtain the financial data of tens of thousands of customers and then sold that data on underground forums in exchange for Bitcoins or other cryptocurrencies.

Xiaomi banks on phone data for finance play in India

Xiaomi banks on phone data for finance play in India

JAKARTA/MUMBAI (Reuters) - China’s Xiaomi (1810.HK) is poised to launch a consumer lending business in India in the coming weeks, making an ambitious tilt at the booming financial services market where data privacy concerns and fierce competition present formidable challenges.

Rogue 'Smart' Ovens Again Highlight How Dumb Tech Is Often The Smarter Choice

Rogue 'Smart' Ovens Again Highlight How Dumb Tech Is Often The Smarter Choice

Which might all be fairly impressive if the oven didn't have a weird habit of turning itself on in the middle of the night: "The first documented overnight preheat occurred in May. A group member wrote that he roasted potatoes around 5PM one night and left them to cool in the oven.

Facebook learned about Cambridge Analytica as early as September 2015, new documents show

Facebook learned about Cambridge Analytica as early as September 2015, new documents show

Facebook said the scraping of public profiles is distinct from the data Cambridge Analytica reportedly used from users' friends who did not consent to sharing their data.Still, the documents show that Facebook was aware of potential policy violations by Cambridge Analytica as early as September 2015.

Android 10: Google Confirms 193 Security Vulnerabilities Need Fixing

Android 10: Google Confirms 193 Security Vulnerabilities Need Fixing

It was also time to address a total of 193 Android security vulnerabilities that Google has confirmed need fixing with the Android 10 release.True to her word, a whole host of new security and privacy features are indeed included as part of the Android 10 release.

A Third of Known Computer Security Flaws Have No Solution

A Third of Known Computer Security Flaws Have No Solution

In the first half of 2019, analysts at computer security firm Risk Based Security (RBS) enumerated a total of 11,092 flaws in computer systems (known as vulnerabilities) that could be exploited by a hacker to take unauthorized actions in another person’s or organization’s system.

Opinion | I Visited 47 Sites. Hundreds of Trackers Followed Me.

Opinion | I Visited 47 Sites. Hundreds of Trackers Followed Me.

For several days this spring, I lived my life through this Invasive Firefox, which logged every site I visited, all the advertising tracking servers that were watching my surfing and all the data they obtained.

Don't Renew Section 215 Indefinitely

Don't Renew Section 215 Indefinitely

That’s despite earlier reports the NSA had shuttered its Call Details Record (CDR) Program because it ran afoul of the law, violated the privacy of scores of Americans, and reportedly failed to produce useful intelligence.

Israel eased export controls on surveillance technologies amid criticism

Israel eased export controls on surveillance technologies amid criticism

Israel is a major exporter of surveillance technology, according to a June 2019 report by U.N. Special Rapporteur for Freedom of Expression David Kaye, which called for a global moratorium on such exports until a human rights compliant regime was put in place.

Political Confessional: The Man Who Thinks Mass Surveillance Can Work

Political Confessional: The Man Who Thinks Mass Surveillance Can Work

People should be able to say what they want without thinking, “The government is going to get me,” unless I’m talking seriously about committing violence.

Facebook, Google, and Oracle cloud are tracking the porn you watch in private

Facebook, Google, and Oracle cloud are tracking the porn you watch in private

“The sites Jack visits, as well as any third-parties trackers, may observe and record his online action,” the study reads.“These third-parties may even infer Jack’s sexual interests from the URLs of the sites he visits.

Fighting the illegal surveillance!

Fighting the illegal surveillance!

The mass surveillance conducted by European governments has on two occasions been struck down by the European Court of Justice.However Danish politicians and telco industry refuse to honor fundamental rights and continue to retain data illegally.You can download the current draft (in Danish) here (pdf).

Millions using 123456 as password, security study finds

Millions using 123456 as password, security study finds

Image copyright AFP Image caption Liverpool FC topped the list of Premier League club names used as passwords Millions of people are using easy-to-guess passwords on sensitive accounts, suggests a study.

Mercedes sparks privacy row over use of location trackers on finance vehicles

Mercedes sparks privacy row over use of location trackers on finance vehicles

Pic: JLR As the use of the sensors is mentioned in the financing agreement, Mercedes does not fall foul of EU data protection laws that prohibit the tracking of vehicles without the knowledge of the driver.

Building a more private web

Building a more private web

So today, we are announcing a new initiative to develop a set of open standards to fundamentally enhance privacy on the web.Starting with today’s announcements, we will work with the web community to develop new standards that advance privacy, while continuing to support free access to content.

Top tip: Don't upload your confidential biz files to free malware-scanning websites – everything is public

Top tip: Don't upload your confidential biz files to free malware-scanning websites – everything is public

By passively observing three such services over the course of three days earlier this month, Cylab hackers were able to collect more than 200 documents, mostly things like purchase orders and invoices.

Ring asks police not to tell public how its law enforcement backend works

Ring asks police not to tell public how its law enforcement backend works

Amazon writes scripts for cops to sling Ring home cameras, report says Law enforcement has access to a companion portal that allows police to see an approximate map of active Ring cameras in a given area and request footage from them in the course of an investigation.

T-Mobile ‘Put My Life in Danger’ Says Woman Stalked With Black Market Location Data

T-Mobile ‘Put My Life in Danger’ Says Woman Stalked With Black Market Location Data

He did this by pretending to be a U.S. Marshal with the "Georgia Fugitive Task Force" to T-Mobile, which then provided Edens with the location of Johnson's phone in a handy Google Maps interface—"pinging" the phone, in industry parlance.

Google and Mozilla move to stop Kazakhstan 'snooping'

Google and Mozilla move to stop Kazakhstan 'snooping'

It comes after reports internet services providers in the country have required people to install a government-issued certificate on all devices and in every browser.

Is Privacy Policy Language Irrelevant to Consumers?

Is Privacy Policy Language Irrelevant to Consumers?

Though many experimental subjects read these privacy policy excerpts closely, subjects who saw the explicit policies did not differ from those who saw vague policies in their assessment of whether their assent to the policies would permit the corporate practices at issue.

Microsoft Contractors Listened to Xbox Owners in Their Homes

Microsoft Contractors Listened to Xbox Owners in Their Homes

Contractors working for Microsoft have listened to audio of Xbox users speaking in their homes in order to improve the console’s voice command features, Motherboard has learned.(Microsoft did not explicitly say humans may review audio recordings from its products in its privacy policy until after Motherboard's earlier reporting on Skype and Cortana).

First half 2019 sees 4,000 data breaches exposing 4B records

First half 2019 sees 4,000 data breaches exposing 4B records

The 2019 MidYear QuickView Data Breach Report by Risk Based Security found that there were 3,816 data breaches during the first six months of the year, up 54 percent, resulting in 4.1 billion records being compromised, up 52 percent.

Google, Mozilla, Apple Block Kazakhstan's Root CA Certificate to Prevent Spying

Google, Mozilla, Apple Block Kazakhstan's Root CA Certificate to Prevent Spying

"When a user in Kazakhstan installs the root certificate provided by their ISP, they are choosing to trust a CA that doesn't have to follow any rules and can issue a certificate for any website to anyone," Mozilla explained in a blog post published today.

Popular Porn Site Breach Exposed 1.2 Million 'Anonymous' User Profiles

Popular Porn Site Breach Exposed 1.2 Million 'Anonymous' User Profiles

Researchers from vpnMentor have discovered a data breach at the popular Luscious porn site that exposed the personal profiles of 1.2 million supposedly anonymous users.

You Can Finally See All Of The Info Facebook Collected About You From Other Websites

You Can Finally See All Of The Info Facebook Collected About You From Other Websites

After a long delay, Facebook is releasing a tool that will allow people to see what kind of information it has collected about their online activity beyond its borders — from the news they read to the shopping websites they visit to the porn they watch — along with an option to dissociate that data from their accounts.

Apple accidentally reopens security flaw in latest iOS version

Apple accidentally reopens security flaw in latest iOS version

Stefan Esser, an iPhone security expert, tweeted an additional warning: “I hope people are aware that with a public jailbreak being available for the latest iOS 12.4 people must be very careful what apps they download from the Apple AppStore.

‘Nothing Kept Me Up At Night the Way the Gorgon Stare Did.’

‘Nothing Kept Me Up At Night the Way the Gorgon Stare Did.’

Now, Holland Michel has written Eyes in the Sky: The Secret Rise of Gorgon Stare and How It Will Watch Us All , a book of startling revelations about drone surveillance in the United States.

More