If your car has a smartphone integration and self-driving cameras, it knows a lot about you. Connected cars might still be rather novel, but by 2030, it's set to become a multi-billion dollar industry. One carmaker doesn't like this, and wants to ensure that its customers still get to drive like nobody's watching.
A major breach at the Texas Department of Insurance (”TDI”) has impacted nearly 1.8 million Texans who filed workers’ compensation claims between March 2019 and January 2022. In its official statement, TDI explained it first became aware of the breach against one of its web apps on January 4th, 2022. The tool, used to manage workers’ comp information, was immediately taken offline, and a third-party forensics company was hired to assist with the investigation. Among the PII potentially impacted includes names, addresses, dates of birth, phone numbers, Social Security numbers, and claim details. TDI has set up a telephone for those impacted and is continuing its investigation. Hope the insurance department has a good insurance policy.
Dis-Chem, a South African retail pharmacy chain with over 200 stores, has suffered a data breach impacting 3.6 million customers. In its official statement, the retailer explained that one of its customer databases, which was built and managed by an outside firm, was breached on May 1st, 2022. PII potentially accessed includes full names, email addresses, and cellphone numbers. Dis-Chem continues to investigate the incident and reports that “additional safeguards” have been deployed against the database, including “enhanced access management protocols”.
Parker-Hannifin (”Parker”), one of America’s largest manufacturing companies, has suffered a data breach impacting members of its corporate health insurance plans. In a press release, the company announced that the breach, carried out by an unauthorized third party, was first discovered on March 14th, 2022, and that impacted systems were immediately shut down by Parker’s IT teams in accordance with the company’s incident response protocols. PII potentially accessed includes Social Security numbers, dates of birth, addresses, driver's license numbers, U.S. passport numbers, financial account information, login credentials, health insurance information, and, in some cases, medical treatment information. Letters have been mailed to those impacted, and Parker is working with law enforcement on a full investigation.
Cars are becoming increasingly “connected”, with smartphone integrations and self-driving tech monitoring where, when, and how we drive. For some, that's a revenue driver, but for Volkswagen Group’s Porsche, it’s an opportunity to earn customer trust. The German luxury automaker has announced that it will allow customers to prevent the collection of their personal data altogether through vehicle settings. “It’s not our business to sell data and to make money out of the data of our customers. It’s our business aim to make better services and products out of the data,” said Christian Völkel, Porsche’s Chief Privacy Officer. Sounds like we might have a new leader of the pack.
A new bipartisan bill has been introduced in the US Senate that seeks to separate tech giants from their advertising businesses. The Digital Advertising Act would apply to companies generating more than $5 billion in digital advertising revenue. On the higher end, companies generating more than $20, like Google, would be prohibited from operating in multiple areas of the ad business, having to pick just one area in which to operate. Senator Mike Lee of Utah, one of the bill’s sponsors, says that this bill will be the first step towards “liberating the internet—and therefore much of the 21st century economy—from the grip of Big Tech monopolists”.
Want to receive this newsletter weekly? Subscribe for the latest news on data breaches and privacy legislation.
DOWNLOAD THE EBOOK
Shift Left: Turn Security into Revenue and join the security revolution.