At WPF, we get a range of calls and emails from consumers. Usually, it’s me who is assisting a consumer, helping them work through a privacy issue or in some cases, a scam that has rattled them. But today, it is me who has gotten a phone call from a ...
We have updated our tips for immediate steps victims (or potential victims) of the Equifax data breach can take. In this updated version of our tips, we have added information for individuals in the UK who want to check and see if they have been affected by the breach, and ...
The US Federal Bureau of Investigation (FBI) issued a rare alert to parents about "smart toys," that is, those that connect to WiFi, and may contain microphones, sensors, and other information-gathering capacities. The alert states that these kinds of toys could pose risks to childrens' privacy and safety. The alert, ...
On December 14 Yahoo announced a serious security breach in which sophisticated data attackers grabbed users' answers to security questions, among other information such as names, email addresses, phone numbers, and birth dates. This breach is particularly worrisome because it culled sensitive information from 1 billion Yahoo customers, which makes ...
Update for March 3, 2016: This week a judge has ordered that the approximately 10 million records of California students held by the California Department of Education will not be turned entirely over to a group of community nonprofits in the Morgan Hill case. Instead, the judge ordered that several ...
Key Consumer Tips for Anthem Breach Victims: Be alert for the key areas of attack post-breach, including Medical ID theft Victims of the Anthem data breach should be aware of three potential areas for risk after the breach: Medical identity theft Financial forms of identity theft Spear phishing and phishing ...
Q: Why is my kid’s email and home address being sold on a marketing list? I didn’t give permission for this information to be released! How did this happen? This kind of sharing could happen unless you proactively opt out of allowing schools to share the information they keep on ...
If you have purchased items with a credit or debit card at the Home Depot from April 2014 onward, your credit and debit cards have been subject to a security breach. Home Depot is offering one year of free credit monitoring through All Clear ID Pro. Because there is already known fraud stemming from this breach, WPF encourages breach victims to sign up for the free credit monitoring. Here's how to sign up ….
Community Health System suffers sophisticated attack from hackers Community Health Systems announced a serious data breach impacting 4.5 million patients across the US, spanning 28 states and covering information gathered over the past five years. The company announced the breach in its SEC filings, and described the breach as originating ...
First, we heard about consumers saddled with unauthorized in-app purchases made by children via Apple's iTunes store apps. Now we are learning that Amazon account holders were also burdened with unauthorized in-app purchases by children, in this case, also to the tune of millions of dollars. It is worth taking the time to ensure children cannot ring up unlimited charges via apps. Using parental controls wisely can be a big help with this.... (Consumer tips)
Today, the FTC announced a court order against a credit repair company that charged consumers advance fees for credit repair services. This has reminded us that credit repair scams are alive and well. The FTC publishes several good consumer guides around credit repair, so does the Consumer Financial Protection Bureau. ...
Target is sending its data breach notices to consumers by email. Please be aware that it could be very easy for you to have missed the original Target data breach letter. Here are our tips to help make sure you get the information you need.
It sounds so innocent: the Tap Pet Hotel app for kids. But one mother complained to the FTC that her child tapped up $2,600 of in-app purchases up while using the app. Other parents complained about unauthorized purchases by children of up to $500 for apps like Dragon Story and ...
The Washington Post published new revelations from Edward Snowden’s leaked documents that revealed that the NSA is scooping up millions of email and IM address books globally. This is a serious piece of snooping business, and it deserves immediate attention on a policy level. For people who are reading this and wondering what you can do today, right now, here are some immediate steps to take.
Seniors, scams, and sweepstakes -- The FTC busted an international sweepstakes scam that spanned 156 countries and raked in $11 million from consumers, primarily those over 65 years of age. "We are pleased the FTC has ended this scam," said Pam Dixon, WPF's executive director. "We are consistently seeing that ...
April 18, 2013 Do you give your zip code to retailers when you buy something? Think twice before you blurt out "90210." WPF's Pam Dixon spoke to Melanie Hicken of CNN Money about data brokers and how our actions and habits define us, and potentially, can shape some of our ...
Mobile privacy -- Mobile app privacy is the topic of the multistakeholder process to be undertaken this week under the direction of the US Department of Commerce. Over the weekend, a NYT article revealed that mobile carriers received more than 1.3 million requests by law enforcement for mobile data, including requests for text messages. This article is a focusing event. It is a reminder that in mobile privacy we need to put the consumer first, focus on what is important, and apply responsibility for privacy and transparency throughout the hierarchy of mobile players, from carriers to platforms to app stores to publishers to developers. It is unclear yet what segments of the hierarchy require what amounts of the burden, but what is clear is that carriers will certainly need to do a lot. It is also clear that the idea of just an icon on a screen to communicate the idea of mobile privacy to consumers is a band-aid approach at best when faced with the truth of where some of the real risks are for consumers.
LifeLock -- The Federal Trade Commission began sending checks to almost a million consumers who were subscribers to the LifeLock ID theft protection service. LifeLock agreed to pay fines of $11 million to the FTC and $1 million to a group of state attorneys generals to settle charges that had been made against the company. Consumers with questions about this distribution may call 888-288-0783 or see the FTC's web page on this, http://www.ftc.gov/refunds.
Job seekers who have safety concerns such as law enforcement professionals, victims of domestic violence, and other victims of crimes such as stalking may be especially at risk
Monster.com | Consumer Alert | Job search privacy -- According to the job site Monster.com, its users' IDs and passwords, email addresses, names, phone numbers, and some "basic demographic data" were compromised in a data breach. Monster notified victims of the security breach through its web site on Friday, January 23, 2009. It is unclear how many people this notice impacts, as Monster.com did not give an estimate. In press reports, however, Monster has admitted that the breach is global, with Asia Pacific and Eastern Europe being spared. Job seekers' information can be used like a road map for criminal ventures, including identity theft, phishing and spamming. User passwords, which Monster.com says were compromised in this breach, are especially valuable as they can potentially be used to access other sites or email accounts, especially if a person regularly uses the same passwords. The World Privacy Forum has published a consumer alert about this data breach with tips for victims. This data breach also impacts USAjobs.com, the government job search site affiliated wiith Monster.com.
Consumer advisory | PHRs and privacy -- The World Privacy Forum has issued a consumer advisory about the privacy of PHRs to help consumers understand and approach the complex privacy issues PHRs can raise. Consumers need to know that not all PHRs protect privacy in the same way, and some PHR systems can undermine consumer privacy in serious ways that consumers may not be expecting.
Opt-out | Financial privacy -- The World Privacy Forum has updated its popular Top Ten Opt Out list to reflect several new change made to the Direct Marketing Association opt outs. In the past, some of the DMA opt-outs, like the Direct Marketing Association's mailing preference lists, used to cost $1. That fee has now been removed for people opting out online. Please see item #3 on the Opt Out list for the complete update.
Consumer alert update -- Monster.com posted a warning on its site stating that all users of Monster.com may have been impacted by the data breach of its systems by hackers. All job seekers need to be aware of potential phishing attacks that are sophisticated and highly targeted, and job seekers with safety considerations need to be aware that their information has likely been compromised. The U.S. Office of Personnel Management has announced that the Federal job site USAJobs (which is outsourced to Monster.com) has also been impacted by the breach. The World Privacy Forum has updated its job seeking tips, and its consumer alert.
World Privacy Forum information and materials on medical privacy topics.
Consumer Alert | Internet privacy | Job search safety and privacy -- The World Privacy Forum issued a consumer alert today warning about a data breach at Monster.com. Security firms that analyzed the breach have stated the breach impacts hundreds of thousands of job seekers. The immediate information that was stolen included job seekers' home address, phone numbers, email address, and resume IDs. Some victims may have received further phishing emails. Job seekers who have safety concerns such as law enforcement professionals, victims of domestic violence and other victims of crimes such as stalking -- who typically do not make their home addresses or personal phone numbers public -- have an immediate need to know if their personal information may be in the hands of criminals. The consumer alert contains tips for victims and links to resources and more information.
