Insecurity
Jump to navigation
Jump to search
Insecurity is a form of INFORMATION PROCESSING privacy harm under the Solove taxonomy. Insecurity is defined as "carelessness in protecting information from leaks or improper access."
- An e-commerce website allowing others to view an individual's purchase history by changing the URL (e.g. enterprivacy.com?id=123)
Additional comments
Occurrences
- 45 Million Medical Files Leaked (December 2020)
- Amazon Gives Access to Alexa Recordings to a Wrong User (2018)
- Amazon’s Ring Security Camera (2020)
- Anthem Data Breach (2014)
- Attempt to Extort Toronto Hospital Using Stolen Patient Data (October 2020)
- Attorney-Client Calls by Jails (July 2020)
- Australian News-Sharing Platform Leaks 80 Thousand User Records (October 2020)
- Australian Security Cameras Hacked (June 2020)
- Belarusian Hackers Leaked Police Personal Information (September 2020)
- Cambridge Analytica and Facebook Scandal (2016)
- Canada Revenue Agency Credential Stuffing Attack (August 2020)
- Central Health Employee Accessed Patient Data (July 2020)
- Child Safety Smartwatches Easy to Hack (2017)
- College Recruitment Database Leak (July 2020)
- Contact Tracing Apps (July 2020)
- Cyber Espionage on LinkedIn (July 2020)
- Data Breach Compromising 500 Thousands Call of Duty Accounts (September 2020)
- Data Breach at Immigration Law Firm (November 2020)
- Data Broker Exposes Millions Of Profiles (August 2020)
- Dating Apps User Information Leaked Online (June 2020)
- EasyJet Cyber Attack (May 2020)
- Equifax Data Breach (2017)
- Exploit on Apple’s Secure Enclave (July 2020)
- FBI's De-anonymization Attack on Tor (November 2014)
- Facebook's "People You May Know" Feature (November 2017)
- Female Student Killed After Blackmail (2020)
- Flickr Share Images with MegaFace (2014)
- Freepik Company Data Breach (October 2020)
- GEDmatch Accidentaly Share Data With Police (July 2020)
- GEDmatch DNA Testing Website (2019)
- German Police Accesses People’s WhatsApp Message (July 2020)
- Google Bug Sent Private Videos to the Wrong People (2020)
- Google Collects Firebase Data (2020)
- Google+ Bugs Exposed Private Profile Information (2018)
- Grabs Four Privacy Breaches in Two Years (September 2020)
- Gravatar Can Be Abused for Information Collection of Its Profiles (October 2020)
- Hack of Celebrities Revealing Photos (2014)
- Hack of Law Enforcement Websites Exposes Personal Information of 700,000 Cops (June 2020)
- Hack of Psychotherapeutic Clinic in Finland (October 2020)
- High-Profile Twitter Accounts Hack (July 2020)
- IOS Apps Access to Camera (October 2017)
- Impersonating Profiles on Grindr (September 2018)
- Improperly Anonymized Taxi Logs (July 2014)
- Information About Adopting Parents Shared With Birth Parents (2016)
- Instagram Keeping User Information After Deletion (August 2020)
- Iranian Hackers Found Way Into Encrypted Apps (September 2020)
- Jeff Bezos's Phone Hack (April 2018)
- Jogger Wound Up in an Ad Without Knowing (November 2017)
- LabCorp Security Flaw Exposes Information of Their Customers (2019)
- Leaked Sex Tape Genre on PornHub (July 2020)
Laws and Regulations
The following laws and regulations address the Insecurity harm.
- (740 ILCS § 14/). Biometric Information Privacy Act. (United States, Illinois)
- (815 ILCS 530/) Personal Information Protection Act. (United States, Illinois)
- (815 ILCS § 530/10). Notice of breach; notice to Attorney General. (United States, Illinois)
- 17 CFR § 248.30 (United States)
- 201 CMR 17.00. Standards For The Protection of Personal Information of Residents of The Commonwealth. (United States, Massachusetts)
- 23 NYCRR 500. Cybersecurity Requirements For Financial Services Companies. (United States, New York)
- 42 CFR Subpart F (United States)
- 42 U.S.C. Subchapter VII (United States)
- 42 U.S.C. § 1396a (United States)
- 44 U.S.C. Chapter 33 (United States)
- 5 U.S.C. §552a (United States)
- 653-13.2(148, 272C). Standards of practice—appropriate pain management. (United States, Iowa)
- AL SB 301 (United States, Alabama)
- Alabama Data Breach Notification Act of (2018) (United States, Alabama)
- Bank Secrecy Act (United States)
- CA AB 713 (United States, California)
- CA AB No. 499 (United States, California)
- CA. SB 327. (2018) (United States, California)
- CH. 1. Trade and Commerce; General Provisions. (United States, South Carolina)
- CH. 19.255. Personal Information—Notice of Security Breaches. (United States, Washington)
- CH. 51-30. Notice of Security Breach for Personal Information. (United States, North Dakota)
- CH. 521. Unauthorized Use of Identifying Information. (United States, Texas)
- CH. 62. Protection of Personal Information. (United States, Vermont)
- CH. 743DD. Protection of Social Security Numbers and Personal Information. (United States, Connecticut)
- CH. 82. Security Freezes and Notification of Data Breaches. (United States, Massachusetts)
- CH. 93H Security Breaches (United States, Massachusetts)
- CH. 93I. Dispositions and Destruction of Records. (United States, Massachusetts)
- CO. HB 09-1338. (United States, Colorado)
- CO. HB 18-2118. Concerning Strengthening Protections For Consumer Data Privacy. (United States, Colorado)
- Cable Communications Policy Act of 1984 (United States)
- California Consumer Credit Reporting Agencies Act (United States, California)
- California Consumer Privacy Act of (2018) (United States, California)
- California Privacy Rights Act (United States, California)
- Children's Online Privacy Protection Act of 1998 (United States)
- Children's Online Privacy Protection Rule (2000) (United States)
- Communications Act of 1934 (United States)
- Computer Fraud and Abuse Act of 1986 (United States)
- Computer Matching and Privacy Protection Act of 1988 (United States)
- Connecticut Insurance Information and Privacy Protection Act. (United States, Connecticut)
- Cybersecurity Enhancement Act of 2014 (United States)
- Cybersecurity Information Sharing Act of 2015 (United States)
- DEL. HB 180. Breaches of Security involving Personal Information. (United States, Delaware)
- Electronic Signatures in Global and National Commerce Act (United States)
- Employee Polygraph Protection Act (United States)
- Fair Credit Reporting Act of 1970 (United States)
- Family Educational Rights and Privacy Act (United States)
- Federal Information Security Management Act of 2002 (United States)
- Federal Policy for the Protection Human Subjects (United States)
- Foreign Intelligence Surveillance Act of 1978 (United States)
- Freedom of Information Act (FOIA) (United States)