ZDNet: AWS rolls out new security feature to prevent accidental S3 data leaks. “Amazon’s Web Services division has rolled out new security features to AWS account owners today that are meant to prevent accidental data exposures caused by the misconfiguration of S3 data storage buckets.”
Wired UK: This UK pub chain left 17,000 customer details exposed online . “The personal details of thousands of beer drinkers were left exposed thanks to a Wi-Fi provider proving leakier than a smashed pint glass.”
Engadget: Instagram bug inadvertently exposed some user’s passwords . “According to The Information, Instagram has suffered a serious security leak of its own that could’ve exposed user’s passwords. While Facebook recently had a much more serious problem linked to its ‘View As’ tool that was being actively exploited by… someone, the Instagram issue is linked to its tool that allows users to download a copy of their data.”
The Intercept: Google’s “Smart City Of Surveillance” Faces New Resistance In Toronto. “From the start, activists, technology researchers, and some government officials have been skeptical about the idea of putting Google, or one of its sister companies, in charge of a city. Their suspicions about turning part of Toronto into a corporate test bed were triggered, at first, by the company’s history of unethical corporate practices and surreptitious data collection. They have since been borne out by Quayside’s secret and undemocratic development process, which has been plagued by a lack of public input — what one critic has called ‘a colonizing experiment in surveillance capitalism attempting to bulldoze important urban, civic and political issues.'”
The Next Web: Google’s ethical black hole swallows Deepmind’s best intentions. “Google yesterday set off another controversy when it announced the acquisition of Streams, DeepMind’s algorithm-based healthcare data management platform. The controversy stems from what the deal’s detractors view as a breach of trust by Deepmind. The UK-based AI startup, which was purchased by Google‘s parent company Alphabet in 2014, has always maintained that it operated autonomously underneath the umbrella of Google. As such, it’s long said it would never share identifiable patient data – from its healthcare endeavors – with Google.”
TechCrunch: 1-877-KARS4KIDS had a data breach. “The New Jersey-based charity has plagued the American airwaves for years with the ‘most hated’ jingle to try to get consumers to trade in their car — for the kids! In return, you get to write-off the donation from your taxes, and you’re given a ‘holiday voucher’ to sweeten the deal. But a security lapse left thousands of those donation records exposed for anyone to find.” Since the information was just left on an open server, I think this is more of a leak than a breach.