CNN: Facebook could face billion dollar fine for data breaches. “Facebook could be facing a multi-billion dollar fine after a European regulator announced Friday that it is launching an investigation into the company over failure to protect user privacy.”
The Register: Equifax how-it-was-mega-hacked damning dossier lands, in all of its infuriating glory . “A US Congressional report outlining the breakdowns that led to the 2017 theft of 148 million personal records from Equifax has revealed a stunning catalog of failure. The 96-page report (PDF) from the Committee of Oversight and Government Reform found that the 2017 network breach could have easily been prevented had the company taken basic security precautions.”
Wired: The Wired Guide To Data Breaches. “Think of data breaches as coming in two flavors: breaches of institutions that people choose to entrust with their data—like retailers and banks—and breaches of entities that acquired user data secondarily—like credit bureaus and marketing firms. Unfortunately, you can’t keep your information perfectly safe: It is often impossible to avoid sharing data, especially with organizations like governments and health insurers. Furthermore, in cases where a company or institution gives your information to an additional party, you’ve often agreed to sharing more data than you realize by clicking ‘I accept’ on a dense user agreement.”
Threatpost: 1-800-Flowers Becomes Latest Payment Breach Victim. “Those buying flowers for Mother’s Day or looking to send a plant for a birthday could find their thoughtful gestures reaping a crop of misery: Payment card data has been lifted from the Canadian online outpost of 1-800-Flowers, in an incident that has persisted for four years.” Since August 2014. That’s bonkers.
BBC: Quora says 100 million users hacked. “Question-and-answer website Quora has been hacked, with the names and email addresses of 100 million users compromised. The breach also included encrypted passwords, and questions people had asked.”
The Register: Technical foul: Amazon suffers data breach days before Black Friday, emails world+dog. “Amazon has suffered a data breach just days before Black Friday – and the company was tight-lipped about whether it had notified the British data protection authorities.”
Slashgear: Hospitals, insurance companies leak more health data than hackers. “Hospitals, insurance firms, physician offices, and similar companies leak more personal health data than hackers, a new study has revealed. According to researchers with two major US universities, more than half of personal health data breaches resulted from problems with the medical providers themselves rather than an external force, such as hackers.”