SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow full system compromise through unauthenticated file uploads. Although SAP has issued an
Data Privacy + Cybersecurity Insider
Leveraging Knowledge to Manage Your Data Risks
Latest from Data Privacy + Cybersecurity Insider
PIH Health Settles HIPAA Violations for $600,000
PIH Health, a health care entity located in California, suffered a data breach in June 2019 when 45 employee email accounts were compromised in a targeted phishing campaign. The accounts contained the protected health information (PHI) of 189,763 individuals, including…
The VPPA: An Old Law with New Streams
By Roma Patel
Enacted in 1988, the Video Privacy Protection Act (VPPA) was intended to regulate the then-booming videotape industry by limiting how video rental and sales data is disclosed. The law was enacted in direct response to the publication of a Supreme…
Workado Settles With FTC Over Alleged Misrepresentations of AI Accuracy
The Federal Trade Commission (FTC) issued a press release this week announcing that it settled with Workado over alleged misrepresentations of its ability to detect whether content was generated by artificial intelligence (AI) or humans.
Workado’s AI Content Detector was…
Privacy Tip #442 – Oregonians Push Back Against DOGE’s Access to Personal Information
On April 21, 2025, the Oregon Department of Justice’s Privacy Unit reported a “big spike” in complaints about the Department of Government Efficiency (DOGE) in the first quarter of 2025.
The report stated, “Specifically, Oregonians are concerned about how government…
Insight Into DOGE’s Access to HHS’ Systems
Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the information during the discovery process in the…
Re: Watch What You Say Here
By Roma Patel
The Commercial Electronic Mail Act (CEMA) is a Washington State law that prohibits sending state residents a commercial email misrepresenting the sender’s identity. A commercial email promotes real property, goods, or services for sale or lease. A recent Washington Supreme…
FTC Settles With accessiBe For Misleading Statements About WCAG Compliance
The Federal Trade Commission (FTC) announced on April 22, 2025, that it has approved a settlement entered into a Final Order with accessiBe, which claimed its plug-in product, accessWidget, “can make any website compliant with Web Content Accessibility Guidelines (WCAG).”…
Threat Actors Use AI to Launch Identity Theft Scams
Identity theft will continue to rise in 2025. According to the Better Business Bureau of Missouri (BBB), it received over 16,000 identity theft complaints in the past three years. Scammers are “increasingly using advanced tactics such as artificial intelligence to…
Privacy Tip #441 – Identity Theft Statistics Increasing in 2025
Unfortunately, identity theft continues to increase, and according to Identitytheft.org, the statistics are going to get worse in 2025. Some of the statistics cited by Identitytheft.org include:
- 1.4 million complaints of identity theft were received by the Federal Trade
…