Leafly, the world’s largest cannabis information resource, has leaked customer information due to an unprotected database. The company discovered the leak on September 30, to which breach notification emails were sent to affected users shortly after. The user records exposed dated back to July 2, 2016 and contained email addresses, usernames, encrypted passwords, ages, gender, […]
Privacy
#Privacy: Hacker exposes data of 250K sex workers
Dutch website Hookers.nl has been compromised due to a vulnerability exposing the account details of all 250,000 users. The hacker was able to exploit a vulnerability within the website’s vBulletin forum software, to access the internal database of Hookers.nl, a popular website utilised by sex workers and their clients. Reports have emerged suggesting that the […]
#Privacy: New regulations to enforce CCPA proposed by California state
California has put forward new regulations that will establish the ways in which the US state’s new privacy law, the California Consumer Privacy Act (CCPA) will be enforced. The CCPA is a ground-breaking new legislative framework on the US data privacy landscape, set to come into effect on the 1st January 2020. Taking inspiration from […]
PrivSec:Report Weekly Roundup
Each week, PrivSec:Report presents the top 5 headlines from the week’s news and upcoming events in the privacy and security industry. This week Twitter had a Facebook-esque blunder with user data and the UK’s National Cyber Security Centre has revealed that it has seen a huge increase in the number of young women applying to […]
#Privacy: Unprompted voice assistant ads are “creepy” for most consumers, study finds
Global B2C marketing automation company, Selligent, has issued the results of a global study of 5,000 consumers focused on behaviours and expectations as it relates to interactions with brands. According to the research, 69% of surveyed consumers find it “creepy” when they receive ads based on unprompted cues from voice assistants like Apple’s Siri, Amazon’s Alexa and […]
Facebook’s New “Off-Facebook Activity” Feature: What’s New and Why Should You Care?
Written by Evelyne Kemunto, Lawyer at Privacy Culture Ltd. Online advertising is becoming the dominant force in the internet today. Businesses have mastered your digital habits by tracking what you read, watch, search or buy online. The tracked information is then used to create a profile of your likes, interests and preferences which consequently aid […]
#Privacy: Freedom Healthcare Staffing exposes almost a million records
A non-password protected database containing 957,000 records from Freedom Healthcare Staffing in Aurora, Colorado has been found. Security researcher, Jeremiah Fowler discovered the database on September 16 – to which it contained intimate details of employees, internal notes, possible internal email communications, job seeker and recruiter data, IP addresses, ports and pathways. “In a sampling […]
#Privacy: Twitter “inadvertently” used phone numbers obtained from users to target ads
Twitter has confirmed that it had been using phone numbers and email addresses provided by users for advertising purposes. Despite the phone numbers and email addresses being solely used for two-factor authentication, Twitter has admitted that the data was “inadvertently” used in the Tailored Audiences and Partner Audiences advertising system. The Tailored Audiences systems allows […]
#Privacy: CafePress faces class-action lawsuit
CafePress has become the target of a proposed national class-action lawsuit following a data breach exposing more than 20 million accounts. The data breach had compromised the records of more than 23 million accounts, including their names, physical addresses, phone numbers and passwords. The consumer-rights law firm FeganScott has claimed that CafePress allowed hackers to […]
#Privacy: Personal data of 92 million Brazilians for sale on underground forums
The personal information of 92 million Brazilian citizens are being auctioned on underground forums. The auction is said to be present on numerous restricted-access forums on the dark web, to which anyone can access by paying a fee or being invited by someone within the community. According to BleepingComputer, the personal data is being sold […]