Saturday, March 21, 2020


Amazon: Too essential to shut down?
We’re all going to get sick eventually’: Amazon workers are struggling to provide for a nation in quarantine
Amazon is positioning itself as an ‘essential’ service during the pandemic — a move that benefits the company and puts its warehouse workers and drivers in danger




What are the odds you are included?
Report: unidentified database exposes 200 million Americans
The CyberNews research team uncovered an unsecured database owned by an unidentified party, comprising 800 gigabytes of personal user information. The database in question was left on a publicly accessible server and contained more than 200 million detailed user records, putting an astonishing number of people at risk.
On March 3, 2020, the entirety of the data present on the database was wiped by an unidentified party.
Click HERE to see if your data has been leaked.
It seems that much of the data on the main folder might have originated from the United States Census Bureau. Certain codes used in the database were either specific to the Bureau or used in the Bureau’s classifications.


(Related) This happens when managers fail to check their processes.
Unprotected Database Exposed 5 Billion Previously Leaked Records
An Elasticsearch instance containing over 5 billion records of data leaked in previous cybersecurity incidents was found exposed to anyone with an Internet connection, Security Discovery reports.
The database was identified as belonging to UK-based security company Keepnet Labs, which focuses on keeping organizations safe from email-based cyber-attacks. It contained data leaked in security incidents that occured between 2012 and 2019.
The Elasticsearch instance, Security Discovery’s Bob Diachenko reveals, had two collections in it: one containing 5,088,635,374 records, and another with over 15 million records. This second collection was being constantly updated.
The researcher immediately alerted Keepnet Labs, which took the database offline within an hour.




Trying to keep up...
Vermont Enacts Data Breach Notification and Student Privacy Legislation
Earlier this month, the Governor of Vermont signed into law S.B. 110, which will amend the state’s data breach notification law and create a new student privacy law focused on operators of educational technology services. Notably, the amendments to the state’s data breach notification law will expand the categories of personally identifiable information (“PII”) that may trigger notification obligations to individuals and regulators in the event of a breach to include online account credentials, health and medical information, and biometric and genetic data, among others. The student privacy law will place certain restrictions on how student data can be collected, used, and disclosed by operators of online educational technology services. The new requirements, which will enter into force on July 1, 2020, are discussed in more detail below.




Rounding out my understanding.
COVID-19, Scientific Research and the GDPR – Some Basic Principles
As scientists work around the clock to gain insights into the Corona virus and how to fight it, public and private-sector stakeholders are in discussions to promote the rapid exchange of scientific data. During these discussions, the GDPR acronym inevitably rears its head and casts doubt over what is lawful. The GDPR and national data protection laws can, and often do, complicate the matter of sharing personal data, and health data in particular. We provide some general pointers below to help demystify the GDPR and explain its impact.




Could be useful if you are stuck at home.
Become an Overnight Netflix Pro: 50+ Tips and Tricks You Should Know




Something to do…
Getting Bored? Here's A List Of Free Things That Weren't Free Before Coronavirus



No comments: