A fourth grade teacher in Salt Lake City, Utah, bought a box of scrap paper for $20 and discovered it was actually a box of medical records of 28 patients from Central Florida Regional Hospital. The hospital shipped the box via UPS to an audit company in Las Vegas last December. The hospital claims it had been tracking the box since February, but hadn’t told the patients. As for the teacher’s class, her next assignment for the students will be, “Apply for credit card offers using SSNs from the scrap paper box.”
data
Microsoft Doesn't Know Why You Can't Access Any Of Your Saved Games
By 2.28.08
Reader Brad took his XBOX Live Gamertag to a friend’s house. When he got home, he realized that he’d forgotten his memory card (with the Gamertag on it) at his friend’s place.
By 2.13.08
../../../..//2008/02/13/katie-says-her-sidekick/
Katie says her Sidekick wasn’t connecting to the network for the past day or so, so she “called T-Mobile and there’s an outage in NYC affecting all gprs-using devices (sidekicks, blackberries, etc).” They gave her a $5 credit for compensation, so if you’re in a similar situation you might want to call T-Mobile to complain.
Massive North American Blackberry Outage
By 2.11.08
Blackberry smartphones are screwed up! There’s a massive outage going on in “the Americas” says RIM.
US Customs Helps Itself To Your Electronics And Private Data
By 2.7.08
A few months earlier in the same airport, a tech engineer returning from a business trip to London objected when a federal agent asked him to type his password into his laptop computer. “This laptop doesn’t belong to me,” he remembers protesting. “It belongs to my company.” Eventually, he agreed to log on and stood by as the officer copied the Web sites he had visited, said the engineer, a U.S. citizen who spoke on the condition of anonymity for fear of calling attention to himself.
Proposed "MicroHoo" Merger Has Privacy Implications
By 2.5.08
Microsoft has been trying to make Google seem like a threat to privacy, when in fact it’s both of them,” says Jeff Chester, the executive director of the Center for Digital Democracy (CDD). “We may now have two companies that will rival the National Security Agency in their ability to compile detailed profiles of users wherever they go online.”
By 2.1.08
../../../..//2008/02/01/an-att-spokesman-says-yesterdays/
An AT&T spokesman says yesterday’s data network outages across the U.S. were the result of the cut undersea cable in the Mediterranean that’s caused Internet and phone disruptions across Northern Africa, India and the Middle East. The cable will take 12-15 days to fix, although AT&T’s U.S. network was back up by the end of the day yesterday. [The Seattle Times]
Facebook's Privacy Practices Under Investigation In U.K.
By 1.22.08
Facebook is being investigated by the U.K.’s Information Commissioner’s Office (ICO) over their jacked-up cancellation policies, which keeps your user data on Facebook’s servers even after you’ve closed your account. Facebook says its privacy policies are well within ICO regulations, and that they are taking the “concerns of the ICO and our user’s privacy very seriously.”
Data Tape On 650k Customers From 230 Retailers Is Missing
By 1.18.08
Today GE Money reported that a data tape containing personal information on 650,000 customers from “about 230 retailers including J.C. Penney Co” is missing. Social Security numbers for about 150,000 customers were also on the tape. It was “being stored at a facility operated by Iron Mountain Inc, an information protection and storage company,” but there’s no evidence currently that it was stolen—it may just be sitting somewhere in a vast matte-painted warehouse like the Ark of the Covenant. However, it may also be the source of the recent wave of ID theft issues we’ve noticed.
Researches Claim To Reverse Netflix's Anonymization
By 1.15.08
Researchers from Department of Computer Sciences at the University of Texas at Austin say they can reverse Netflix’s anonymous data (which was released in to the public as part of a contest to see if someone could design a better rating system) by comparing it to only a few ratings on IMDb. The result? Specific users can be identified and linked to their (ostensibly) private ratings.
Releasing the data and just removing the names does nothing for privacy,” Shmatikov told SecurityFocus. “If you know their name and a few records, then you can identify that person in the other (private) database.”
By 1.8.08
../../../..//2008/01/08/oh-by-the-way-kamberedelson/
Oh, by the way, KamberEdelson, the law firm that filed the class action against Sears over its website exposing customer’s purchase histories? They’re the same folks who successfully sued Sony BMG for selling all those DRM-riddled music CDs. Sears could be in trouble. [Washington Post]
Sears Sued For Showing Everything Your Friends And Neighbors Have Ever Bought
By 1.7.08
Reuters reports a class-action lawsuit has been filed against Sears for its managemyhome.com site which allowed you to type in anyone’s name and address or phone number and get a record of everything they ever bought at Sears. The suit alleges that in doing so, Sears engaged in “unfair or deceptive” practices. Not too long after our post went up on Friday reporting on the matter, the purchase history feature was turned off. Sears said it had “turned off the ability to view a customer’s purchase history on Manage My Home until we can implement a validation process that will restrict access by unauthorized third parties.” Yes, a validation process, that would be good to have.
By 1.4.08
../../../..//2008/01/04/if-youre-serious-about/
If you’re serious about keeping your personal information safe, then make sure you wipe your computer’s hard drive with something like Eraser or Darik’s Boot and Nuke (DBAN) (both free) before handing it off to a friend, family member, or random stranger.
See Everything Your Friends And Neighbors Have Ever Bought At Sears
By 1.4.08
Want to see all the major appliances and repair services that your friends and neighbors… (and anyone else who you can look up in the phone book) have ever purchased at Sears?
California's Consumer Data Law Isn't Working Too Well
By 1.3.08
The “Shine the Light” law passed in California in 2005 requires all businesses to tell customers who they sell their private data to, and to provide a no-cost way to remove your name, address, and phone number from their lists. Unfortunately, it’s not being followed by more than half of the companies tested in a new report: “The California Public Interest Research Group found only one third of the survey participants received responses from companies consistent with the law.”
TJX Proposes One-Day Sale As Part Of Class Action Settlement
By 11.20.07
When TJX revealed earlier this year that they’d failed to keep safe over 45 million customer credit card accounts, they were hit with both consumer and bank class action lawsuits. Now they’ve submitted a proposed settlement for the consumer class action suit that includes a strange, somewhat insulting offer: a “one-day sale” for victims of the theft. Attorneys general from eight states have filed an objection against the proposal, citing that even if it’s a well-intentioned goodwill gesture, it doesn’t belong as part of any official, legal settlement, which should be designed to benefit the victims rather than the retailer.
Tivo To Start Sharing Demographic Data
By 11.8.07
As a product, Tivo is easy to love, even root for. As a company, they’re sliding further down that slippery slope of privacy invasion. According to the Wall Street Journal, today Tivo will announce that they’re going to start making detailed demographic customer data available to advertisers. They already sell second-by-second data on viewing patterns, but so far it’s been anonymous; now it will come with information about viewers’ ethnicity, age, income level, etc. As far as we know, they have no corresponding plan to compensate their customers for selling this data. [Update: It turns out Tivo is pulling the demographic data from a group of 20,000 volunteers, and the compensation is the chance to win a free Tivo. (Thanks, Megazone!)]
Verizon To Pay $1 Million To Customers After Falsely Advertising Data Plans As "Unlimited"
By 10.23.07
According to NY Attorney General Andrew Cuomo, Verizon Wireless has agreed to reimburse $1 million to customers for wrongful account termination after falsely advertising their wireless plans as “unlimited,” when in fact the company sets limits and terminates the accounts of heavy users.
