This Week in Data Breaches: Wireless Carriers & Weather Channel Selling Location Data
To start off the new year, we have startling new revelations about US wireless carriers selling real-time location data, a massive data leak in Germany, and more data breach settlements. Here we round up the latest in data news.
Wireless Carriers Selling Real-Time Location Data
Motherboard revealed this week that major US wireless carriers, including Sprint, T-Mobile, and AT&T, are selling customers’ real-time location data, making it possible for bounty hunters and other unauthorized individuals to track millions of phones, and thus people, in the US. Motherboard’s investigation raises serious concerns about the data practices of major wireless carriers, and highlights the extent of surveillance that is possible using location data, making it possible for criminals, companies, and individuals to track others in granular detail.
Read more from Motherboard and Wired.
Weather Channel Accused of Selling User Data
The city of Los Angeles has filed a lawsuit against The Weather Channel, claiming that the company collects and then sells location data without their users’ consent. The Weather Channel app, which has over 45 million monthly active users, allegedly misrepresents to users what location tracking is used for, failing to disclose that location data is being sold on to third-parties. The lawsuit comes on the heels of a New York Times investigative report that detailed how over 75 companies collect, use, and profit off of location data.
Read the full lawsuit.
Massive Data Leak in Germany
A massive data breach in December, that wasn’t revealed until the beginning of this year, has rocked the German Bundestag. Personal data on hundreds of German politicians, celebrities, and other notable figures, including Chancellor Angela Merkel, was slowly leaked over the course of December by a hacker on Twitter under the handle “@_Orbit.” Leaked documents included email addresses, phone numbers, internal party documents, credit card numbers and personal chat transcripts. On Tuesday, police announced that a 20-year-old man was arrested in connection to the leak and later confessed.
Read more from the Guardian.
Neiman Marcus Settles for $1.5 Million
On Tuesday, more than 40 state attorneys general announced that they had reached a $1.5 million settlement with Neiman Marcus over its 2014 data breach in which 370,000 credit card numbers were stolen from 77 Neiman Marcus stores. Of the 370,000 credit cards, more than 9,200 ended up being used fraudulently. In the statement, Texas Attorney General Ken Paxton said, “I urge companies to evaluate whether they have in place a thorough and ongoing written information security program that serves to safeguard their customers’ information.”
Read the full settlement.
NSA Data Theft Saga
In another twist in the already strange National Security Agency data theft saga, in which a security contractor for the NSA was arrested in 2016 for the largest theft of classified documents in US history, Politico detailed on Wednesday how Russia-based Kaspersky Lab helped expose the theft by reporting suspicious Twitter messages to NSA contacts. Within days of sending the messages, Harold T. Martin III was arrested by federal authorities in possession of an estimated 50 terabytes of classified data, which included some of the NSA’s most guarded hacking tools.
Read the full story from Politico.
Bloom: Take Back Control of Your Data
At Bloom, we are giving you the tools to take back control of your data.
Bloom enables you to own, authorize the use of, and protect your data using the latest advancements in blockchain technology. With Bloom, the risk of your data being exposed in a data breach or leak is greatly reduced. No more centralized data storage. No more selling off your data to the highest bidder. No more risking identity theft. Your identity, and your highly sensitive personal and financial information, is securely safeguarded on your own personal device using cutting-edge cryptography.