The Risk Report - Jan. 7

Read on to learn what changes 24,000 people—including one Senator—want to bring to the US, and what it could mean for some of the biggest names in tech.

‍

BREACHES OF THE WEEK

📱 Change your PIN

US Cellular, America’s fourth-largest wireless carrier, suffered a data breach last month after its customer billing system was hacked. The company notified customers this week, mailing letters to the 405 impacted individuals. In its official statement, the wireless carrier explained that “unauthorized individuals illegally accessed our billing system and gained access to wireless customer accounts that contain personal information” including names, addresses, PIN codes, phone numbers, and service plan data. In response to the attack, US Cellular has notified the Federal Communications Commission and has forced reset all employee passwords and customer PINs.

Read the full story

🏥 Stolen medical records?

Broward Health, a public hospital system in South Florida, has suffered a data breach. In its official statement, the hospital announced that the breach, which happened this past October 15th, resulted in hackers accessing the PII of more than 1.3 million current and former patients and staff members. Among the PII accessed includes insurance information, driver’s license numbers, medical history, and bank account information. Broward Health has notified the FBI and Department of Justice and is offering complimentary credit monitoring to those impacted.

Read the full story

‍

NOTEWORTHY THIS WEEK

💰 Negative ROI

Morgan Stanley has agreed to pay $60 million to settle a class-action lawsuit that has accused the American banking giant of failing to adequately safeguard its customers’ personal information. According to court documents, Morgan Stanley had put the PII of 15 million current and former clients at risk when it disposed of old, unencrypted data center equipment without properly wiping it of sensitive customer data. Morgan Stanley denies the claims brought against them.

Read the full story

🇺🇸 Liberty and privacy for all

An online petition with over 24,000 signatures is calling on the US Congress to enact a federal data privacy law. The petition, which directly calls out the “dangerous algorithms” of Facebook and YouTube, has managed to garner the support of Ron Wyden, a Democratic Senator from Oregon. Senator Wyden, who has led many efforts in recent years to enact federal data privacy laws, stated “If we had a strong privacy law on the books, Mark Zuckerberg would already be in jail for his serial lying about Facebook’s abuse of Americans’ data”.

Read the full story

🇨🇭 Swiss Army app

The Swiss Army has told its troops to stop using foreign-owned messaging apps such as WhatsApp or Signal and to instead only use Swiss-owned Threema for any official communication. American-owned technology companies are subject to the CLOUD Act of 2018, which allows federal law enforcement to issue warrants or subpoenas in order to gain access to requested data. As Threema is a private Swiss-owned company, is it not subject to the CLOUD Act, keeping its information safe from the US and other foreign governments.

Read the full story

‍

Want to receive this newsletter weekly? Subscribe for the latest news on data breaches and privacy legislation.