More than a year after a Chicago resident filed a class-action lawsuit against Uber, claiming the company violated federal law by sending unsolicited text messages to people who want nothing to do with the service, the ride-hailing company has agreed to pay $20 million to put the legal challenge behind it. [More]
Data & Privacy
Equifax Security Failings Were Flagged By Wall Street Firm More Than A Year Ago
By 10.6.17
A company that supplies stock market indexes reportedly warned investors in August 2016 that Equifax, one of the nation’s three major credit bureaus, appeared to be ill-equipped to fight off a sophisticated cyber attack. Apparently Equifax didn’t get that warning; otherwise, hackers may have been prevented from accessing the sensitive financial information for more than 140 million Americans. [More]
Report: Russian Hackers Stole NSA Data By Using Kaspersky Software
By 10.6.17
For months, government agencies have been warning that popular antivirus software could be giving Russian intelligence agencies a back door into American computers and secrets. Now a new report says not only that it could happen, but that it already has, at least once. [More]
Mattel Scraps Always-On ‘Aristotle’ Monitor Amid Slew Of Privacy Concerns
By 10.5.17
Facing a new wave of privacy questions from lawmakers, consumer advocates, and concerned parents, Mattel has decided that it won’t go ahead with its delayed launch of Aristotle, the always-listening kid monitor designed to track and learn about your child from birth through adolescence. [More]
Sonic Confirms Payment System Attack, Offers Pointless Credit Monitoring
By 10.4.17
As we learned last week based on information from people in the banking industry, payment cards used at Sonic Drive-In locations have been linked to suspicious transactions. Sonic confirmed today that its payment systems were indeed breached in a malware attack, potentially by crooks seeking payment card numbers. [More]
Are The Social Security Number’s Days Numbered?
By 10.4.17 — Updated: 10.11.17
Though we may treat our Social Security numbers like confidential information, those nine digits are just about everywhere: Your bank, school, cable company, phone company, and more probably have this information, and may not be storing it securely. In a world where everything from fast food chains to massive global accounting firms are vulnerable to cybercrime, some are wondering if it’s time to say goodbye to the SSN. [More]
Monopoly Guy’s Presence Dramatically Improves Senate Hearing
By 10.4.17
If you were probably watching this morning’s Senate hearing on the Equifax hack, you may have seen something out of the corner of your eye and asked, “Did I just see Rich Uncle Pennybags from Monopoly sitting behind the Equifax CEO?” Yes, yes you did. [More]
Everyone Gives Facebook Their Data, But Nobody Trusts Facebook With It
By 10.4.17
Facebook is one of the biggest companies in the entire world. More than 26% of the entire population of Earth uses it, in one way or another, including roughly 230 million Americans… but it seems that the vast majority of us are aware that although we let Facebook have our data, we shouldn’t trust them with it. [More]
IRS Awards $7.25M Fraud-Prevention Contract To Equifax Despite Failure To Secure Consumers’ Data
By 10.4.17
This week, various members of Congress are verbally flogging Equifax over the recently revealed data breach that compromised the personal information of around 145 million people. Meanwhile, the folks down the road at the Internal Revenue Service apparently aren’t concerned about incompetence, awarding Equifax a multimillion-dollar contract for — sigh — fraud-prevention services. [More]
Verizon Now Says That All Yahoo Accounts Were Probably Compromised By Massive Hack
By 10.3.17
Last year, Yahoo revealed that some 1.5 billion accounts — representing about 1 billion users — had been compromised by a data breach going back years. Now that Yahoo’s new parent company Verizon has had a chance to investigate it turns out that the number of accounts compromised by the hack was… well, every single one of them. [More]
Equifax Says 2.5M More Customers Affected By Breach; Ex-CEO Apologizes To Congress
By 10.3.17
When 143 million people have already been affected by a massive data breach at one of the three major credit reporting agencies, what’s a few million more? That’s apparently the reality for Equifax, which upped its estimate of how many consumers were affected in the hack just hours before company executives were scheduled to discuss the incident with lawmakers. [More]
Birchbox Says It Will No Longer Share Gift Recipients’ Addresses
By 10.2.17
Days after Consumerist highlighted privacy concerns related to Birchbox sharing the personal addresses of gift recipients with the person who sent the gift, the company says it has changed its practices. [More]
The Equifax Executive Who Oversaw Security Also Approved Last-Minute Stock Sales
By 10.2.17
Right before Equifax revealed that it had failed to secure the information of some 143 million Americans, some company executives sold off nearly $2 million in Equifax stock — a move that is currently under investigation. According to a new report, the Equifax executive who approved those stock sales is also the exec in charge of the company’s cybersecurity. [More]
Apple Admits That Face ID May Be Fooled By Evil Twins & Little Kids
By 9.29.17
When Apple introduced the iPhone X’s new “Face ID” feature — which scans a user’s face to unlock the phone — the company said it had considered the “Evil Twin” scenario. And now, it’s admitting that if you have a twin — or an alternate reality doppelgänger– he or she could totally break into your phone. [More]
Lawmakers Say Mattel’s Always-On ‘Aristotle’ Kid Monitor Raises “Serious Privacy Concerns” For Families
By 9.29.17
Despite announcing the product in January, toy giant Mattel has still not released the always-on, always-listening Aristotle kid monitor that has already raised red flags among privacy advocates. Now, a bipartisan pair of U.S. legislators are asking Mattel to address what they see as serious concerns about this connected-home device that is intended to track info about your kid from birth through adolescence. [More]
Whole Foods Investigating Credit Card Breach At Some Stores
By 9.29.17
Have you eaten at or enjoyed an adult beverage at Whole Foods this year? If you paid with a credit card, your information might have been leaked. Whole Foods is investigating a possible credit card breach at some of its stores. [More]
Equifax CEO Apologizes For Company’s Incompetence, Promises Vague (Possibly Pointless) Credit ‘Lock’ Service In 2018
By 9.28.17
The interim CEO for credit bureau Equifax is finally issuing a full-throated mea culpa for the massive data breach that compromised sensitive personal and financial information for about half of the adult U.S. population. In addition to extending the deadline for hack victims to freeze their credit free of charge or sign up for the company’s not terribly enticing anti-ID theft program, Equifax is also promising to offer something new: A way to “lock” your credit file (sort of, maybe, and only partially) for free (possibly). [More]
Birchbox Will Share Your Mailing Address With Anyone Who Sends You A Gift Subscription
By 9.28.17 — Updated: 10.2.17
UPDATE: Birchbox has discontinued its practice of sharing gift recipients’ addresses with gift givers. The company tells Consumerist that sharing the information was an “oversight.”
We live in a world where it’s becoming increasingly common for people to send gifts to others without ever knowing their mailing address. Many online retailers now let you at least purchase gift cards or gift subscriptions with only the recipient’s email address. But for some reason, Birchbox will also tell you the recipient’s full shipping address. [More]
