The Risk Report - Jan. 28

Cookie banners are confusing. Sometimes they won’t let you access the website until you accept them, other times they’ll disappear with a click of the “X”. So does anyone really give them any attention, or even know what they’re opting into? Belgian’s regulators seem to think that the answer is “no”...

BREACHES OF THE WEEK

🚂 Freedom hacks

A hacktivist group in Belarus shut down the country’s railroad system this week in a retaliatory response to the government’s recent collaborations with the Russian military. The group, known as Belarusian Cyber-Partisans (”BCP”), has demanded the expulsion of Russian troops from the country as well as the release of 50 political prisoners, making this something of a politically-charged ransomware attack. This comes on the heels of Russia’s purported plans to invade Ukraine in a two-pronged effort with Belarus. The Belarusian Supreme Court has labeled the BCP a “terrorist movement”.

Read the full story

🚗 Unfair trade-in

Jim Koons Automotive Company, a network of car dealerships throughout Virginia, Delaware, and Maryland has announced that it recently experienced a data breach affecting more than 114,000 people. In a post on its website, Koons explains that it discovered “unusual activity” dating back to June 2021. Those to whom the dealership mailed breach notification letters were clearly not pleased, as a class action lawsuit is now in the works.

Read the full story

💉 What are you on?

St. Lucie County, on Florida’s Atlantic coast, discovered a data breach at its drug screening lab that exposed the personal information of over 14,000 people. In a letter sent to those impacted, county officials wrote that Social Security numbers, types of drug tests, as well as test results, were all among the data exposed. The lab is used primarily for court cases and pre-employment screening. Complimentary identity protection has been offered to those impacted.

Read the full story

NOTEWORTHY THIS WEEK

🔎 Topics of discussion

Google announced this week that it is replacing tracking cookies, and its highly-controversial FLoC, with a new advertising targeting system called Topics. This change comes after almost a year of staunch criticism against FLoC, which many argued was a half-baked concept that would only end up exposing even more sensitive information about users’ online habits. Topics will surely be met with its own criticism, however, as one group believes that the tech giant has an unfair monopoly and that phasing out cookies will put publishers at a disadvantage.

Read the full story

📸 Get your good side

The Internal Revenue Service (”IRS”), the tax collector of the US government, recently announced that it will now require facial recognition scans in order for individuals to access their taxes online. The IRS will use a private company called ID.me for the service, which has some privacy advocates very concerned. Fight for the Future has accused the company of “lying about the scope of its facial recognition surveillance”, while ID.me Founder and CEO Blake Hall played defense in a recent lengthy LinkedIn post.

Read the full story

‍

Want to receive this newsletter weekly? Subscribe for the latest news on data breaches and privacy legislation.