Ignoring a breach disclosure can have ugly consequences. Case in point: Lumin PDF, a PDF editing tool, which saw data for much of its user base - about 24.3 million - published in an online forum late Monday. Data breach expert Troy Hunt says it's sign of the dysfunction in the breach disclosure process.
The U.S. Justice Department has sued Edward Snowden over his new memoir, claiming that the former NSA contractor violated a nondisclosure agreement he signed when he worked for the government before becoming the world's best-known whistleblower. The suit seeks to collect all profits from the book.
An unsecured database owned by an Ecuadorian consulting company left over 20 million records on the South American country's citizens exposed to the internet, according to a report from two independent security researchers. An official investigation is underway.
Ahead of the release of Edward Snowden's memoirs chronicling his decision to bring illegal "big data" domestic U.S. surveillance programs to light, a former NSA intelligence specialist points out that the U.S. still lacks a whistleblowing law to protect intelligence workers who spot illegal activity.
Israel-based cyber-intelligence firm NSO Group, which has been accused of selling technology that enables governments to spy on citizens, is pledging to adopt human rights guidelines developed by the United Nations. But critics of the firm question whether its moves are meaningful.
In the wake of major data breaches in Singapore, the nation's Personal Data Protection Commission has come out with stricter rules for collection and disclosure of the National Registration Identity Card, or NRIC, and other national identification numbers.
A widely used brand of GPS location-tracking devices - for keeping tabs on children, elderly relatives and pets - have security flaws that could allow anyone with an internet connection to track the devices' real-time location and historical movements, warns security firm Avast.
A "zero trust" security model makes it easier to manage application access and protect against malicious users, but the rollout of the model must be managed in a very organized way, says Mani Sundaram, CIO and EVP, Global Services and Support, at Akamai Technologies.
Artificial intelligence and machine learning must be judiciously used, such as when monitoring internet of things devices, says David De Roure, professor of e-research at the University of Oxford, who offers insights on IoT risk management.
The long-delayed data protection bill is on track to be finalized in time to be voted on by India's parliament in its winter session, says one official on the committee that's been drafting the measure.
Facebook won a victory in Germany after a court suspended an order from the Federal Cartel Office that sought to prohibit the social network from aggregating personal data from other services and sources. The Cartel Office plans to appeal the ruling.
Sweden's Data Protection Authority has issued its first fine for violations of the European Union's General Data Protection regulation after a school launched a facial recognition pilot program to track students' attendance without proper consent.
India's Supreme Court has agreed to consider social media giant Facebook's request that the apex court review cases now pending before several state high courts regarding linking social media profiles to Aadhaar numbers in an effort to help curb the spread of fake news.