#Privacy: Internal passwords belonging to Orvis leaked twice

A report has revealed that Orvis.com, an American retailer, leaked hundreds of internal passwords on Pastebin.com. According to Krebs On Security, the leaked credentials related to backend management, firewall administration, router settings and database servers.  Krebs received a tip from Hold Security in late October about the data breach, stating that there was a large […]

#PrivSecNY: Cyber-security meets data privacy in fascinating opening day at PrivSec New York

A global audience of privacy and security professionals met at PrivSec New York at Columbia University for an insightful two days of keynote talks and panel debates. Thanks to the engaging presentations on a range of topics delivered in two separate theatres, attendees found themselves at the forefront of the global debate on data protection […]

#Privacy: Hosting provider SmarterASP.NET struck by ransomware attack

SmarterASP.NET, a US hosting provider has been hit by a ransomware attack, impacting its 440,000+ customers.  Over the weekend, hackers had breached the SmarterASP.NET network and encrypted data on customer servers. Additionally, the attack also impacted the company’s website which went offline on Saturday.  The files seem to have been encrypted by a ransomware that […]

#Privacy: Proceed with caution – the ICO opinion of facial recognition technology

By Michael Drury & Julian Hayes, partners at BCL Solicitors LLP Ahead of an upcoming appeal against the High Court ruling permitting police use of facial recognition technology (FRT), the Information Commissioner on 31 October published her first ever official opinion under the Data Protection Act. Coming from the UK’s respected data supervisor, the document, tackling […]

#Privacy: Regulator “advocating a more cautious approach” to facial recognition technology

The UK data regulator, the Information Commissioner’s Office is “not seeking to curtail its use completely,” Julian Hayes says, following the ICO’s official opinion on the Bridges case regarding the use of facial recognition technology (FRT). “A gradualist path is likely to achieve longer term “buy-in” from legislators and the wider public, ensuring the crime-fighting […]

#Privacy: Bed Bath & Beyond discloses data breach

The home goods retailer has announced that an unauthorised party acquired the login information of some of its customers.  According to the Securities and Exchange Commission (SEC) filing, an unauthorised party obtained email and password information from an external source outside the company’s system.  Less than 1% of Bed Bath & Beyond’s online customer accounts […]

#Privacy: Australia proposes facial recognition to gain access to adult sites

The Australian government has proposed using facial recognition to verify the ages of people wanting to visit adult sites.  Currently, Australian law does not prohibit minors from visiting adults site, however this new proposal would require users to verify their age before watching the adult material. Under the proposal, which was launched by Australia’s Department […]

#Privacy: Over 7m Adobe Creative Cloud users exposed to hackers

Nearly 7.5 million Adobe Creative Cloud user records were left exposed due to an exposed, non-password protected Elasticsearch database. Security researcher Bob Diachenko, who worked alongside Comparitech, estimates that the database was exposed for about a week. However, it remains unknown as to whether anyone else gained unauthorised access to the database.  The exposed information […]