Data breach at Total Fitness exposed almost half a million people’s photos – no password required

UK-based gym chain Total Fitness has been accused of sloppy security, following the discovery of an unsecured database containing the images of 470,000 members and staff – all accessible to anyone on the internet, no password required.

Read more in … Continue reading Data breach at Total Fitness exposed almost half a million people’s photos – no password required

Breach Clarity Weekly Data Breach Report: Week of May 3

Each week Breach Clarity, recently acquired by Sontiq, compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score … Continue reading Breach Clarity Weekly Data Breach Report: Week of May 3

Virginia Enacts New Data Privacy Law

On March 2, 2021, Virginia Governor Ralph Northam signed the Commonwealth’s first comprehensive data privacy law, the Consumer Data Protection Act, making Virginia the second state, after California, to do so. California’s Consumer Privacy Act, … Continue reading Virginia Enacts New Data Privacy Law

Borderline Unreasonable Electronic Device Searches

It has long been the law that searches – of one’s person, places, houses and effects – without probable cause and a warrant are presumptively unreasonable. Moreover, searches of electronic devices, which contain massive amounts of intimate… Continue reading Borderline Unreasonable Electronic Device Searches

Breach Clarity Data Breach Report: Week of Feb. 1

Each week Breach Clarity compiles a list of what it considers to be notable data breaches—those that are worth highlighting because of the increased intensity of the risk to personal information. The Breach Clarity score identifies the level of risk o… Continue reading Breach Clarity Data Breach Report: Week of Feb. 1

When Do You ‘Exceed’ Your Authorization to Use Computer Data?

The law is murky on what constitutes legal authorization and use of computer data In Greek mythology, Cassandra was cursed with the ability to know the future, and with the inability to effectively warn anyone about it. Her warnings about the origins … Continue reading When Do You ‘Exceed’ Your Authorization to Use Computer Data?

California Federal Court Weighs In (Again) on Social Media Scraping

Social media sites such as Facebook and LinkedIn have collected personal information on hundreds of millions of subscribers. They have also promised those subscribers that their data will only be shared or used for particular purposes—agreements that … Continue reading California Federal Court Weighs In (Again) on Social Media Scraping

Cayman Islands Bank Records Exposed in Open Azure Blob

An offshore Cayman Islands bank’s backups, covering a $500 million investment portfolio, were left unsecured and leaking personal banking information, passport data and even online banking PINs. Continue reading Cayman Islands Bank Records Exposed in Open Azure Blob

Dating Site Bumble Leaves Swipes Unsecured for 100M Users

Bumble fumble: An API bug exposed personal information of users like political leanings, astrological signs, education, and even height and weight, and their distance away in miles. Continue reading Dating Site Bumble Leaves Swipes Unsecured for 100M Users

Home Depot Confirms Data Breach in Order Confirmation SNAFU

Hundreds of emailed order confirmations for random strangers were sent to Canadian customers, each containing personal information. Continue reading Home Depot Confirms Data Breach in Order Confirmation SNAFU