The Swedish Transportstyrelsen (Transport Agency) botched its outsourcing to IBM, uploading its records to IBM's cloud and then emailing cleartext copies to marketing managers, unvetted IBM employees in the Czech Republic and others.
The database contains the names, photos and home addresses of all drivers/car owners in Sweden, and exposes the home addresses of the country's spies, people in witness relocation programs, people on police registries, and "type, model, weight, and any defects in all government and military vehicles, including their operator."
One agency employee, former director general Maria Ågren, was fired and fined, seemingly in connection with the breach.
The breach occurred in 2015, was detected in 2016, and has only just come to the public sphere.
The database is still hosted in IBM's cloud, and the earliest it could be locked down is this autumn.
According to Falkvinge, the leak exposed:
The weight capacity of all roads as well as bridges (which is crucial for warfare, and gives a lot idea about what roads are intended to be used as wartime airfields).
Names, photos, and home addresses of fighter pilots in the Air Force.
Names, photos, and home addresses of everybody in a police register, which are believed to be classified.
Names, photos, and residential addresses of all operators in the military's most secret units that are equivalent to the SAS or SEAL teams.
Names, photos, and addresses of everybody in a witness relocation program, who has been given protected identity for some reasons.
Type, model, weight, and any defects in all government and military vehicles, including their operator, which reveals a much about the structure of military support units.
Swedish authority handed over 'keys to the Kingdom' in IT security slip-up
Sweden Accidentally Leaks Personal Details of Nearly All Citizens [Swati Khandelwal/The Hacker News]
Yesterday Bytedance, the company that acquired the tween-centric app Musica.ly and relaunched it as Tiktok, was been sued by a parents' group for violating the Children's Online Privacy Protection Act by gathering, storing, and selling private information about their children. Today, they settled the case on terms that have not been disclosed.
Reps Anna Eshoo [D-CA] and Zoe Lofgren [D-CA] have introduced HR 4978, the "Online Privacy Act," which is a comprehensive set of federal rules for privacy, interoperability, and protection from algorithmic discrimination and manipulation.
Chrome’s incognito mode is useful if you don’t want your browsing history saved to your account, don’t want websites to access your cookies, or if you want to troubleshoot your browser. But it doesn’t do much to protect your privacy. Your ISP can see what websites you visit, and services like Twitter can figure out […]
Weighted blankets are officially a thing. And if you’ve ever tried one, you know there’s a reason for the fuss. Parents have known for generations that swaddling a baby has a profound calming effect, and the gentle pressure that blanket weights provide can have the same effect on restless sleepers. Pretty much all parts of […]
Walk through any office, and you will likely spot a few bobbleheads. These wobbly figurines are great fun to have around, although most celebrate people we will never meet. For something a little more personal, try Handmade Custom Bobbleheads. These mini caricatures are sculpted and painted by skilled artisans, based on any photo you provide. […]
In the early days of the web, everyone wanted a .com domain for their site. As a result, all the good ones got snapped up. But .com no longer has the cachet it once did. In fact, many new businesses and individuals are opting for other top-level domain extensions. One of the most memorable is […]