“If there are no consequences for the [UN] agencies for failures like these … there will be more breaches.”

An unsecured facial recognition database that contained info on thousands of children from 20 schools in China, half of which are located in historically ethnic Tibetan areas, has been found online. Read the rest

After LifeLabs was hit by a a cyber attack in November, the Canada-based medical lab paid a ransom to recover stolen data belonging to more than 15 million of its customers. That stolen data included usernames, password, and some 80,000 or more test results. Read the rest

In a decision released late Tuesday night, a federal judge ruled that up to 29 million Facebook users whose personal info was stolen in a September 2018 data breach are not entitled to sue Facebook as a group for damages -- but the users may be entitled to demand better personal data security at Facebook. Read the rest

Good news, everyone!

If you live in New York City and your personal information wasn't already compromised by the recent, massive hack of Capital One's customer database, there's still an excellent chance that at least some of the sensitive information in your life has its ass hanging out for the world to see, courtesy of the Fire Department of New York.

From Gizmodo:

An estimated 10,253 people who used the FDNY’s Emergency Medical Services between 2011 to 2018 had their data exfiltrated well over a year ago, when an “employee, who was authorized to access the records, had uploaded the information onto the personal external device,” which went missing sometime thereafter, according to a statement by FDNY.

A personal hard drive! That's been missing! For a year! I'm sure it's fine! The FDNY would love it if you believed this to be true. To make sure that those possibly compromised in the breach, they sent out a letter, via snail mail (I mean, you obviously can't trust computers), talking the those who received medical care from the Fire Department during the aforementioned, seven-year period:

What happened: On March 4, 2019, the New York City Fire Department (“FDNY”) was notified that an FDNY employee’s personal portable hard drive was reported missing from an FDNY facility. This hard drive is a portable electronic data storage device that can be attached to a computer. It belonged to an employee authorized to access FDNY patient information and contained confidential personal information about patients who had been treated and/or transported by an FDNY ambulance.

Read the rest

That massive Equifax data breach on September 7, 2017, shocked everyone, but a year and a half later, where the data of all those 143 million Equifax users ended up is still a mystery. Read the rest

Facebook says an attack on its network left the personal information of some 50 million users—perhaps you?—exposed to hackers. Who were the hackers, and what did they want? Facebook doesn't know, or won't say. But the company has confirmed that execs Mark Zuckerberg and Sheryl Sanders were among the users affected.

“We have a responsibility to protect your data, and if we can’t then we don’t deserve to serve you,” Zuckerberg said about Facebook's Cambridge Analytica scandal earlier this year.

Well. You heard the man. Read the rest

“A key Interior technology official who had access to sensitive systems for over five years had lied about his education, submitting falsified college transcripts produced by an online service.”