Norwegian health authority hacked, patient data of nearly 3 million citizens possibly compromised

Hackers have breached the systems of the Southern and Eastern Norway Regional Health Authority (Helse Sør-Øst RHF), and possibly made off with personal information and health records of some 2.9 million Norwegians. The breach was announced on Monday by the authority and it is still unknown if the attackers managed to access and exfiltrate patient data. The […]

Kaspersky Lab Warns of Extremely Sophisticated Android Spyware Tool

An Italian IT company has been using spoofed web pages to quietly distribute an extremely sophisticated Android spyware tool for conducting surveillance on targeted individuals since 2015. In an advisory Tuesday, security vendor Kaspersky Lab described the tool, named Skygofree, as containing location-based audio recording capabilities and other functionality never before seen in the wild. Available telemetry […]

Business must tone down its lust for big data

Read Stilgherrian explain how businesses’ lust for big data is damaging trust and breaching privacy on ZDNet : It should come as no surprise that when key industry bodies write submissions to government consultations they’re self-serving. That’s what such lobby groups are for, right? Read his full article here.

Privacy: The Dark Side of the Internet of Things

There’s a lot of buzz about the Internet of Things (IoT), but people aren’t quite sure what to think of it. Back in fall 2016, there was a big attack on an Internet service provider in which a bunch of IoT devices became a botnet and made much of the Internet unavailable. It was a big […]

Four misconceptions around compensating controls

As the New Year celebrations come to a close, the deadline to become compliant with the EU’s new consumer protection regulation GDPR is creeping closer. With this new law coming into effect in late May, businesses around the world are running out of time to prepare or else risk facing reputation and financial ruin. The best preparation will […]

Building a program for GDPR compliance: Can you answer these key questions?

The clock is ticking and the General Data Protection Regulation (GDPR) will start to be enforced in May. Now is a critical time for organizations to plan, budget and make any remaining changes needed to meet its guidelines. Failure to comply with GDPR standards will result in hefty non-compliance fines, and even U.S. organizations could be affected. Remember: GDPR guidelines […]

Ad targeters exploit browsers’ password managers to track users online

Ad targeters are exploiting browsers’ built-in login managers to covertly collect hashes of users’ email addresses, to be used to track them across the web. “Email addresses are unique and persistent, and thus the hash of an email address is an excellent tracking identifier,” Princeton University’s Center for Information Technology researchers explain. “A user’s email address […]

​240,000 Homeland Security employees, case witnesses affected by data breach

The United States Department of Homeland Security (DHS) has confirmed the breach of the DHS Office of Inspector General (OIG) Case Management System (CMS), affecting approximately 247,167 individuals employed by DHS in 2014, as well as individuals including subjects, witnesses, and complainants associated with DHS OIG investigations from 2002 through 2014. DHS issued a statement […]

General Data Protection Regulation (GDPR) requirements, deadlines and facts

Companies that collect data on citizens in European Union (EU) countries will need to comply with strict new rules around protecting customer data by May 25. The General Data Protection Regulation (GDPR) is expected to set a new standard for consumer rights regarding their data, but companies will be challenged as they put systems and processes in […]

2017 was a dumpster fire of privacy and security screw-ups

If you thought 2016 was bad — a year of historical hacks and game-changing cyberattacks — 2017 was even worse. Sure, 2016 may have killed every famous person we ever cared about, but this year brought shame on our favorite companies for getting security wrong and violating our privacy. Companies betrayed you, covered up hacks and renounced their responsibilities, […]