Welcome to our weekly privacy newsletter to read the latest privacy-related news from across the globe. We classify our weekly privacy newsletter into three parts namely Applause, Breaches and Current News (ABC's) of Privacy news. For any feedback on our weekly newsletter, please feel free to send your comments to social@oneDPO.com.
Washington lawmakers are making another push to pass privacy regulations that govern companies' collection and sale of people's private digital information. The Washington Privacy Act would give state residents the right to know who is using their data, the right to correction and the right to opt-out of certain forms of data processing.
A hacker claims to have hacked LimeLeads, a San Francisco-based business-to-business (B2B)leads generator, which makes its money by renting access to an internal database containing business contacts that can be used for pitches and sales. The danger from this data being sold is that it provides hackers and malware operators with an ideal base to launch spear-phishing attacks against verified companies and their appropriate contact.
Hundreds of hospitals, medical offices, and imaging centers are running insecure storage systems, allowing anyone with an internet connection and free-to-download software to access over1 billion medical images of patients across the world. Despite warnings from security researchers who have spent weeks alerting hospitals and doctors' offices to the problem, many have ignored their warnings and continue to expose their patients' private health information. Patients are unaware that their data could be exposed on the internet for anyone to find.
The U.S. District Court of Georgia has signed off on Equifax's $1.38 billion class-action settlement over its 2017 data breach. The Government Technology reports affected Equifax customers have a Jan. 22 deadline to file for damages under the FTC's settlement with the credit bureau.
Verizon Media launched a search engine called OneSearch, which works on both desktop and mobile. OneSearch offers an "Advanced Privacy Mode," which provides search results that "self-destruct" inan hour. The company also says it won't store users' search history nor will it share users' data with advertisers.
Amazon has fired several employees after they shared customer email addresses and phone numbers with a third-party in violation of their policies. In a separate incident, Amazon said this week that it fired four employees at Ring, one of the retail giant's smart cameras and doorbell subsidiaries.
The Information Commissioner's Office (ICO) has fined DSG Retail Limited (DSG) '500,000 after a 'point of sale' computer system was compromised as a result of a cyber-attack, affecting at least 14 million people. The company's failure to secure the system also allowed unauthorized access to 5.6 million payment card details used in transactions. The attack went on for nine months before it was detected.
A cybersecurity firm has called attention to security holes in TikTok that would have allowed hackers to infiltrate the accounts among its billion-plus users. The firm's research shows they were able to manipulate code to mess with accounts' contents, delete and upload videos without the account owner's consent, make previously "hidden" videos public, and access personal information like email addresses. The revelations may intensify the scrutiny over a social media service that's exploded in popularity globally in past years.