Kaseya has reported that their VSA product has been the victim of a cyberattack. Some VSA customers have reported ransomware related to this issue. The Cybersecurity and Infrastructure Security Agency (CISA) also released instructions regarding this incident for customers of Kaseya VSA.
Virginia passed new privacy state legislation in March 2021: The Consumer Data Protection Act (CDPA). The International Association of Privacy Professionals (IAPP) has summarized the requirements of this new state law intended to protect the privacy of Virginia residents.
iOS 14 also shows if an app is using the camera or phone. A green indicator will appear if an app is using the device’s camera, and an orange indicator will appear if the microphone is in use. App settings for hardware use can be changed under Settings > Privacy. Apps running on iOS14 will also be required to obtain permission to track users starting in early 2021.
Apple has provided a list of compatible devices for iOS 14 and iPadOS.
Windows 10 Activity History has local records of apps and services in use, files that were opened, and visited websites. This information may be periodically sent to Microsoft under the default options. These settings can be changed and are found at Start Button > Settings > Privacy > Activity History.
Facebook will prompt its users to review their privacy settings within the next few weeks as part of a rollout of new and revised privacy features:
- An updated Privacy Checkup tool;
- An Off-Facebook Activity tool with a summary of data from third-party sites used for targeted ads, with an option to delete this data;
- A new Alerts for Third-Party Logins feature that allows you to see how your Facebook login is being used by other apps and services.
Avast announced that they have decided to end operations for its subsidiary data analytics company Jumpshot because of public concerns about user privacy. Avast’s free and paid antivirus software is used by millions of computer and mobile device users.
Quest Diagnostics issued a statement that billing collections service American Medical Collection Agency (AMCA) had potential unauthorized activity on AMCA’s web payment page, which could have compromised the data of about 11.9 million Quest patients. Lab results were not affected by this incident. Quest Diagnostics is continuing their investigation.
Some of the more comprehensive lists of known data breaches include:
- USA Today list of largest data breaches and hacks
- CNN.com – biggest data breaches in history
- Bloomberg.com – worst corporate hacks list
- Krebs on Security – data breaches
- Wikipedia data breach list
- State of California data breaches list
Identity theft victims can receive advice from these websites:
- Federal Trade Commission (FTC) – Identity Theft Help
- FTC – Additional resources for identity theft victims
- FTC – Report fraud
- FTC – Guidance on how to avoid fraud
- FTC Complaint Assistant
- Internal Revenue Service (IRS) – report tax fraud activity
- Internal Revenue Service (IRS) – Identity Protection PIN (IP PIN)
- IRS Form 14039 – Identity Theft Affidavit
- U.S. State Dept. – Report a lost or stolen passport
- Better Business Bureau (BBB) – identity theft scams
- FBI Internet Crime Complaint Center (IC3) – report a crime
Stanford Law School’s Center for Internet and Society (CIS) has an interactive map that lists Internet legal developments around the world. More information about this map can be found at the CIS map’s FAQ page.