#Privacy: Cannabis website exposes customer data

Leafly, the world’s largest cannabis information resource, has leaked customer information due to an unprotected database. The company discovered the leak on September 30, to which breach notification emails were sent to affected users shortly after.  The user records exposed dated back to July 2, 2016 and contained email addresses, usernames, encrypted passwords, ages, gender, […]

#Privacy: Hacker exposes data of 250K sex workers

Dutch website Hookers.nl has been compromised due to a vulnerability exposing the account details of all 250,000 users.  The hacker was able to exploit a vulnerability within the website’s vBulletin forum software, to access the internal database of Hookers.nl, a popular website utilised by sex workers and their clients.  Reports have emerged suggesting that the […]

Facebook’s New “Off-Facebook Activity” Feature: What’s New and Why Should You Care?

Written by Evelyne Kemunto, Lawyer at Privacy Culture Ltd.    Online advertising is becoming the dominant force in the internet today. Businesses have mastered your digital habits by tracking what you read, watch, search or buy online. The tracked information is then used to create a profile of your likes, interests and preferences which consequently aid […]

#Privacy: Freedom Healthcare Staffing exposes almost a million records

A non-password protected database containing 957,000 records from Freedom Healthcare Staffing in Aurora, Colorado has been found.  Security researcher, Jeremiah Fowler discovered the database on September 16 – to which it contained intimate details of employees, internal notes, possible internal email communications, job seeker and recruiter data, IP addresses, ports and pathways.  “In a sampling […]

#Privacy: Twitter “inadvertently” used phone numbers obtained from users to target ads

Twitter has confirmed that it had been using phone numbers and email addresses provided by users for advertising purposes.   Despite the phone numbers and email addresses being solely used for two-factor authentication, Twitter has admitted that the data was “inadvertently” used in the Tailored Audiences and Partner Audiences advertising system.  The Tailored Audiences systems allows […]

#Privacy: CCPA could cost organisations up to $55B in initial compliance costs

A report has revealed that California’s new privacy law could cost companies a total of up to $55 billion in initial compliance costs.  According to an economic impact assessment prepared for the California Attorney General’s Office, it was discovered that companies with less than 20 employees could pay around $50,000 in compliance costs.  Companies with […]

#Privacy: CafePress faces class-action lawsuit

CafePress has become the target of a proposed national class-action lawsuit following a data breach exposing more than 20 million accounts.  The data breach had compromised the records of more than 23 million accounts, including their names, physical addresses, phone numbers and passwords.  The consumer-rights law firm FeganScott has claimed that CafePress allowed hackers to […]

#Privacy: Personal data of 92 million Brazilians for sale on underground forums

The personal information of 92 million Brazilian citizens are being auctioned on underground forums.  The auction is said to be present on numerous restricted-access forums on the dark web, to which anyone can access by paying a fee or being invited by someone within the community.  According to BleepingComputer, the personal data is being sold […]

#Privacy: Organisations are failing to adequately protect sensitive data in the cloud

Research has revealed an increasing difference between the rapid growth of data stored in the cloud and an organisations approach to cloud security.  A study from Thales, featuring research from the Ponemon Institute, surveyed over 3,000 It and IT security practitioners in Australia, Brazil, France, Germany, India, Japan, the UK and the US.  The research […]