I’m
not sure this qualifies as accidental.
Brazil’s
Natura & Co Cosmetics Accidentally Exposes Personal Details of
192 Million Customers
Natura,
one of Brazil’s largest cosmetics companies, accidentally
exposed the personal identifiable information (PII) of nearly 192
million customers.
The
leaky database, discovered last month by Safety Detectives led by
cybersecurity researcher Anurag Seg, was hosted
on two unprotected US-based Amazon servers, and contained
between 272GB and 1.3TB of data belonging to the company.
In
yesterday’s report, the researchers noted that more than “250,000
customers that had previously ordered beauty products from the
website had their personal information made available to the public
without Natura’s
knowledge.”
Was
the same technique used elsewhere? Probably. Then this becomes a
guidebook for other lawsuits.
Canada
fines Facebook almost $6.5 million over ‘false’ data privacy
claims
Rachel
England reports:
Facebook is coughing up for another fine. This time the social network is handing over CAD$9 million (US$6.5 million / £5.3 million) to Canada as part of a settlement over the way it handled users’ personal information between August 2012 and June 2018. According to Canada’s independent Competition Bureau, Facebook “made false or misleading claims about the privacy of Canadians’ personal information on Facebook and Messenger” and improperly shared data with third-party developers.
Read
more on engadget.
I
wish this article was amusing. I think I have used many of their
decode phrases myself.
How
to decode a data breach notice
… The
next time you get a data breach notification, read between the lines.
By knowing the common bullshit lines to avoid, you can understand
the questions you need to ask.
“We
take security and privacy seriously.”
Read:
“We clearly don’t.”
“We
recently discovered a security incident…”
Read:
“Someone else found it but we’re trying to do damage control.”
“Out
of an abundance of caution, we want to inform you of the incident.”
Read:
“We were forced to tell you.”
“There
is no evidence that data was taken.”
Read:
“That we know of.”
When
is evidence entirely off limits?
Alaina
Lancaster reports:
California’s chief justice warned Facebook Inc.’s Gibson, Dunn & Crutcher attorneys that they can expect more court appearances over criminal defendants’ access to private social media messages in order to build a defense.
During a video hearing Tuesday, California Supreme Court Chief Justice Tani Cantil-Sakauye said that the court had never confronted the constitutionality of subpoenaing social media companies for users’ communications and the right to a fair trial, until Facebook v. Superior Court (Touchstone). It’s the same legal question that the U.S. Supreme Court declined to take up Monday in a similar case against Facebook that alleged the company violated two criminal defendants’ Sixth Amendment and due process rights when it refused to comply with their subpoenas.
Read
more on Law.com.
No comments:
Post a Comment