top of page

Top News: Google Faces Scrutiny Over Series of Privacy Breaches; Snowflake Linked to Ticketmaster Data Breach Amid Conflicting Reports and More


TikTok allegedly still sharing data with China; Uber receives €10 million fine and more

Snowflake Linked to Ticketmaster Data Breach Amid Conflicting Reports

The Ticketmaster data breach reportedly involved a third-party vendor, with hacker group ShinyHunters claiming Snowflake's cloud storage service was the entry point. Snowflake confirmed unauthorized access via a former employee's demo account but denied any connection to the breach. Despite the denial, the Australian government issued a warning to Snowflake customers about successful compromises. ShinyHunters claimed access through credentials stolen via Infostealer malware and demanded a $20 million ransom. The breach remains under investigation, with Snowflake advising clients to enhance security measures. Read more


Vermont Legislature Passes Comprehensive Data Privacy Bill HB 121

On May 10, 2024, the Vermont legislature passed HB 121, which includes the Vermont Data Privacy Act (VDPA), the Data Broker Security Breach Notice Act, and the Age-Appropriate Design Code. The VDPA, effective July 1, 2024, will impose data privacy obligations on businesses based on consumer data thresholds, with more stringent criteria over time. Key provisions include controller obligations for data protection, consumer rights to data access, and stringent consumer health data confidentiality. The bill also enforces protections for minors' data and establishes a private right of action for certain violations, effective January 1, 2027. Read more


Advocacy Group Challenges Meta's Use of Personal Data for AI Training

On Thursday, advocacy group NOYB urged European privacy regulators to prevent Meta from using personal data to train AI models without user consent. NOYB filed 11 complaints against Meta, citing changes in Meta's privacy policy effective June 26, allowing the use of users' posts, images, and tracking data for AI. Meta claimed compliance with privacy laws, referencing its May 22 blog about using publicly available and shared information for AI. NOYB's founder, Max Schrems, pointed to a 2021 European Court of Justice ruling against Meta's 'legitimate interest' defense in data usage. Meta faces potential GDPR fines of up to 4% of global turnover for violations. Read more


Ransomware Attack on Physicians' Management Service Provider Affects 300,000+

A ransomware attack on Panorama Eyecare, a Colorado-based management service provider, impacted over 300,000 individuals. Detected on June 3, 2023, unauthorized access occurred between May 22 and June 4, 2023. Panorama Eyecare partners with ten eye physician practices, possibly extending the breach's reach. Data stolen included financial account numbers, credit/debit card details, security codes, access codes, passwords, and PINs. Although no evidence of misuse has been found, affected individuals are offered 12 months of free credit monitoring and identity theft protection. The Russia-linked LockBit gang claimed responsibility on July 15, 2023. Read more


Google Faces Scrutiny Over Series of Privacy Breaches

A six-year span of internal Google reports reveals multiple privacy breaches, as unearthed by 404 Media. The breaches include improper use of children’s voice data, home addresses from carpool services, and recommendations based on deleted YouTube histories. In 2016, Google Street View mistakenly stored vehicle license plate numbers due to text-recognition errors. Another breach exposed over a million email addresses from Socratic.org users, including children. Google confirmed the incidents, stating all flagged issues were reviewed and resolved. The revelations highlight the challenges and importance of stringent data protection measures. Read more

Comments


Featured Posts

Recent Posts

Follow Us

  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square
bottom of page