Data Protection

Zoom Video privacy breach costly

Zoom Video Communications has agreed to pay $85 million and bolster its security practices to settle a class-action lawsuit claiming it violated users' privacy rights by sharing personal data with several social media companies. Subscribers would be eligible for refunds after a judge signs off on the deal. [node:read-more:link]

Android malware discovered

A new Android-based malware uses screen recording to log in and steal sensitive information from devices. Dubbed “Vultur” by Dutch security researchers, the malware was disguised as a protective app distributed through Google. [node:read-more:link]

Health services company data stolen

One of Canada’s largest mental health and addictions treatment services, Homewood Health, has admitted that some clients’ data was stolen and offered at auction. The self-described “leaked data marketplace” site Marketo said it had more than 180 gigabytes of the company’s data including documents referencing provincial and national organizations. [node:read-more:link]

Amazon facing massive EU penalty has been fined €746 million by the European Union for processing personal data in violation of the bloc’s privacy laws but plans to appeal. While the ruling was only made public today by the Luxembourg National Commission for Data Protection, the decision was taken two weeks ago. [node:read-more:link]

Social media giants in trouble in Russia

A Russian district court has fined Google three million rubles (approx. $51,000 CAD) for violating personal data legislation. The company has confirmed the penalty, which is about half the possible maximum fine, but had no further comment. Meanwhile, a Moscow court has begun proceedings against Facebook and Twitter for the same alleged offence. [node:read-more:link]

Five years for access to info?

An access-to information request for a week’s worth of emails, texts and other messages by the head of the Public Health Agency of Canada evidently could take at least five years to fulfill. This is according to an anonymous Ontario government employee seeking clarification about the circumstances which led to the dismissal of two scientists. [node:read-more:link]

Voters beware of cyber interference!

The Communications Security Establishment says that Canadians are “very likely to encounter some form of foreign cyber interference” before and during the next federal election. “We assess that an increasing number of threat actors have the cyber tools, the organizational capacity, and a sufficiently advanced understanding of Canada's political landscape to direct cyber activity against future Canadian federal elections,” it says in a new threat assessment. [node:read-more:link]

Russian hackers active again

Hackers linked to the Russian General Staff Main Intelligence have been scaling up attacks on western targets in the public and private sectors, according to the U.S. and Britain. “These are almost certainly still ongoing,” their security agencies caution in a new report. [node:read-more:link]

Massive hack of Florida-based site

About 200 U.S. companies using the services of a Florida-based IT company, Kaseya, have been hit by a “colossal” ransomware attack. The cybersecurity company, Huntress Labs, says the July 2 hack by a suspected Russia group was spread through corporate networks which used Kasey’s software. [node:read-more:link]

U.S. plans more IT spending

President Joe Biden’s first budget, for 2022, includes $58.4 billion for 25 civilian agencies’ information technology improvement and maintenance as the administration furthers “the vision of digital government.” The request in the May 28 budget represents a 2.4 per cent increase from 2021. [node:read-more:link]

Japanese government agencies hacked

Information-sharing software developed by Fujitsu enabled hackers to leak data from Japanese government offices. Among other things, air traffic control data at Tokyo Narita Airport was compromised, prompting a cybersecurity alert. Fujitsu suspended the software's services pending an investigation. [node:read-more:link]

Russian AI quickly gaining advantage

A report released May 24 by the Pentagon warns that the Russian military is more technologically advanced than the U.S. realized and is quickly developing artificial intelligence capabilities to gain battlefield advantage. However, the federally-funded Center for Naval Analyses, which supports the Navy and Marine Corps, also notes that Moscow’s capabilities are constrained because its AI efforts are primarily government funded. [node:read-more:link]

Chinese research links worrisome

Alberta has ordered four universities to stop seeking research projects linked to the Chinese government. “I am deeply concerned about the potential theft of Canadian intellectual property and further concerned that research partnerships […] may be used by Chinese military and intelligence agencies,” Advanced Education Minister Demetrios Nicolaides says. “More needs to be done to curb foreign state infiltration into our research and innovation centres.” [node:read-more:link]

Revenue Canada major data mishandler

The personal information of at least 144,000 Canadians has been mishandled by federal departments and agencies in the past two years and not everyone affected by a privacy breach was told about it. The Canada Revenue Agency was the lead offender with more than 3,000 incidents affecting close to 60,000 taxpayers. [node:read-more:link]

“Juice jacking” security threat

Public charging stations commonly found in many airports and other hubs are reportedly being used by criminals to gain access to personal data on mobile phones, tablets or laptops. So-called “juice jacking” evidently facilitates the installation of malware when a device is connected to a compromised power point even for a short-tern boost. [node:read-more:link]


Subscribe to RSS - Data Protection