At a glance.
- Just how much do your apps know about you?
- Georgia health system suffers data breach.
- Data breach at Oklahoma school.
Just how much do your apps know about you?
Though Google recently introduced new data privacy labels in its Google Play Store intended to help users understand how apps use or share their data, many might be surprised to learn just how much their apps know about them. Data deletion service provider Incogni offers a look at the privacy and security practices of the most popular applications available in the Google Play Store. After investigating the top one thousand paid and unpaid apps, they found that over half the apps share user data with third parties. In general, it seems the more popular the app, the more data it’s collecting and sharing. Although apps from social media giants like Facebook and Instagram claim they share very little user data, they actually were found to be collecting the most user information, about thirty-six out of the thirty-seven data points identified. Apps boasting more than 500,000 downloads share, on average, 6.15 times more data than less popular apps, with shopping apps being the biggest sharers and social media apps collecting the most data. While the most shared data points were app interactions, crash logs, and diagnostics, 13.4% of apps were found to be sharing user location data, and a significant number share other personal data like email and street addresses. And proving that everything in life comes at a cost, free apps were found to be sharing seven times as much data as paid apps.
Georgia health system suffers data breach.
CorrectHealth (CH), a US healthcare provider based in the state of Georgia that serves individuals at correctional facilities, has disclosed a breach that exposed the data of 54,000 individuals. CH says suspicious network activity was detected in November last year, and the subsequent investigation lasted until July of this year, working with the Federal Bureau of Investigation “as part of a larger investigation into the threat group responsible.” Heath IT Security reports that patient full names, Social Security numbers, and addresses were potentially compromised. Though there is no indication that the data has been misused, CH has implemented several security measures, including resetting all employee passwords, adopting an advanced phishing service for CH’s email tenant, adding disclaimers on all externally received emails, and implementing Multi-Factor Authentication for all administrative staff.
Data breach at Oklahoma school.
News 9 reports that Tulsa Tech, a public education institution with several campuses across the US state of Oklahoma, experienced a data breach in June. The school says an intruder exfiltrated data belonging to students enrolled between the years 1986 and 1999, and that the exposed information includes student names and Social Security numbers. While it is unclear how the breach was caused or how many students were exposed, Tulsa Tech sent out notification letters to impacted students on August 18th.