Could Equifax have suffered a second data breach following the massive hack exposing the personal information of more than 145.5 million consumers? It’s possible, according to a security researcher who claims to have found a second, separate security vulnerability within the company. [More]
Data & Privacy
Stolen Backpack Leads To $52,310 Surprise Medical Bill
Sadly, it’s not uncommon for people to face sudden, unexpected and expensive medical bills. It’s also becoming increasingly normal to find out that your identity has been stolen. These two worlds collide in the story of a California man who recently found out he was being charged gobs of money by a hospital for a medical procedure someone had performed using his identity. [More]
What Can Voice-Activated Device Makers Legally Do With Recordings Of Kids’ Voices?
From your watch to your TV to your crockpot to your kids’ toys, the products we use in our home are increasingly voice-activated. Unlike previous generations of devices, these newer ones are listening, getting smarter, adapting to multiple users with different accents and cadences. To do that, they listen to, record, and often transmit recordings, of everyone in earshot of the device — including kids, whose private details are specifically protected by federal law, but who sometimes end up ordering hundreds of dollars worth of cookies. So how can Amazon, Google, Apple, or any tech company legally make an always-on device that doesn’t violate your little one’s privacy? [More]
Twitter Puts Timeline On Curbing Hateful Abuse; For Real This Time. No, Seriously
Ever since it gave birth to its first anonymous, hateful egg, Twitter has been promising to do something to repair its reputation as a verbal battle royale of vitriolic threats and malicious dog-piling. After a decade of half-steps (and steps back, in some cases), Twitter has now given an actual timeline for when it will implement what it hopes are policy changes that will result in a less menacing social media platform — but can Twitter actually stuff its nasty genie back in the bottle? [More]
The Many Ways In Which Your Kid’s Smartwatch Can Be Hacked
Most of us aren’t going to spend hundreds of dollars on an Apple Watch for our kids, but there are many less-expensive, kid-targeted smartwatches available. Unfortunately, a new report claims that your young one’s tiny screen may also be a huge privacy risk. [More]
Pizza Hut Alerts Customers Of Possible Theft Of Credit Card & Other Info
Tens of thousands of Pizza Hut customers received something unexpected this weekend. No, not a pizza, but notice that their credit card information may have been impacted during a security breach at the pizza company… two weeks ago. [More]
The Best Bits From John Oliver’s Takedown Of The Equifax Scandal
Equifax, the credit bureau that ignored warnings and failed to update its software, leading to a data breach that exposed private information for half the U.S. adult population, stepped into the crosshairs of Last Week Tonight’s John Oliver on Sunday, adding a bit of levity to this otherwise dire ongoing scandal. [More]
Researchers Discover WiFi Vulnerability Affecting Basically Every Device On Earth
Well, there’s cheerful news to start off the week: Researchers have discovered and disclosed a massive WiFi vulnerability that puts everyone’s private data at risk. How massive? Basically, if you can read this story, congratulations — you’re almost certainly affected. [More]
Increased Use Of Machine Learning, Facial Recognition Outs Sex Workers’ Real Names
If you operate a video-sharing site with millions of user-uploaded clips, it sounds like a great idea to use software that is smart enough to identify some of the faces in those videos. The clips would be indexed more accurately, you might be able to more readily identify copyrighted content, but you could also be risking the privacy — and maybe the physical well-being — of those identified by the software. [More]
IRS Has Second Thoughts About Giving $7.2M Fraud-Prevention Contract To Equifax
What does it take for the Internal Revenue Service to realize that maybe, just maybe, it picked the wrong company to award a $7.25 million fraud-prevention contract? It wasn’t enough that Equifax’s network was so poorly prepared for a hack that a months-long cyber attack compromised the sensitive information of more than 140 million Americans. And then that same company may have served up malware to consumers visiting its publicly available website. Whatever the reason, the IRS has finally begun to realize Equifax might just be absolutely terrible at its job. [More]
Equifax Takes Part Of Its Website Offline Over Concerns About Malware
Following a report that its consumer-facing website may have been serving up malware to visitors, Equifax — the credit bureau that seems intent on finding every way possible to ruin your day — has pulled some of its web pages offline. [More]
Equifax Website Reportedly Served Up Malware To Some Users
Update: Equifax has taken some pages temporarily offline following the report about malware. [More]
T-Mobile Fixes Bug That Exposed Customers’ Personal Info
T-Mobile patched a vulnerability on its website last week that could have exposed the personal information — including email addresses, account numbers, and other data — of its 76 million users. [More]
Uber Facing At Least 5 Federal Investigations, Claims Report
Uber’s recent woes — a $20 million text message spamming settlement, an ousted CEO, investigations into sneaky software, and other issues — continue to deepen, as the Department of Justice has now reportedly opened at least five investigations into the company and its business practices. [More]
Judge Reins In DOJ’s Attempt To Get Info On Users Of Anti-Trump Site
A judge in Washington, D.C., has thrown a wrench into the Justice Department’s effort to collect information on people who communicated through a website site critical of President Trump, ruling that the DOJ “does not have the right to rummage through the information” on the site to “discover the identity of, or access communications by, individuals not participating in alleged criminal activity.” [More]
Discover Freaks Out Customers With Email About “Recent Data Breach”
Imagine that you open up your email and find a message from your credit card company with the attention-getting subject line, “Important: What you can do now about the recent data breach.” Would you think that Discover had had a customer data breach? You wouldn’t be alone. [More]