shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.

Administered by:

Server stats:

277
active users

#notification

1 post1 participant0 posts today
Replied in thread

@ai6yr @briankrebs OFC this targets #TechIlliterates and the only effective means here are:

  1. Teach #TechLiteracy instead of consumerism.
  2. Mandate #confirmation & #notification - #PopUp|s for every use of #Clipboard (similar to #webcam use by websites)...
  3. Ban #JavaScript - seriously!
  4. Ban #Windows, because it's a #Govware, espechally since #Windows10 and even more so on #Windows11 that is *insecure in every configuration!
  5. Put #TechIlliterates before a system they can't feck up. I.e. @tails_live @tails / #Tails for that reason alone (can't run such commands if they neither got #root nor any #persistent #storage to target).
  6. Normalize the use of @torproject #TorBrowser!
  7. #Teach #tech #literacy instead of #consumerism!
  8. Ban #GAFAMs and their shitty products!
  9. Migrate every #TechIlliterate to #Linux and don't give them administrative privilegues.
  10. Teach tech literacy instead of consumerism!

Health-care billing company Medical Billing Specialists Inc. (MBS Select) has been hit with a potential class action lawsuit over their 2024 breach.

Notifications first went out a year after the attack by Akira ransomware group.

databreaches.net/2025/02/26/me

h/t, Bloomberg Law.

Direct link to complaint: bloomberglaw.com/public/deskto

databreaches.netMedical Billing Vendor Sued Over Health Data Leak ‘Gold Mine’ – DataBreaches.Net

Anyone else think that the HHS OCR monetary penalty imposed on Solara Medical was too steep? $3M is one of the steepest monetary penalties HHS OCR has imposed.

I'm glad to see enforcement of the timely notification requirement, but so many entities have blown the risk assessment requirement and the 60 day notification regulations so why is Solara being hit with such a stiff penalty?

databreaches.net/2025/01/14/hh

databreaches.netHHS Office for Civil Rights Settles HIPAA Phishing Cybersecurity Investigation with Solara Medical Supplies, LLC for $3,000,000 – DataBreaches.Net

When you don't know why you are being notified of a breach, Tuesday edition.

Back in March, I reported on a #ransomware attack on New York Plastic Surgical Group/Long Island Plastic Surgical Group. I would later help get one of the threat actors' storage sites taken down.

Fast forward to yesterday, when to our surprise, my husband received a breach notification letter from NYPSG. Neither one of us can recall him ever being a patient of theirs for anything.

[Had I known NYPSG had his data, I would have examined the data tranche more!]

Needless to say, we have questions....

databreaches.net/?p=113912

#HIPAA #databreach #incidentresponse #transparency #notification #HITECH

@brett @campuscodi @zackwhittaker

databreaches.netWhen you don’t know why you are being notified of a breach, Tuesday edition – DataBreaches.Net

I was just reading a follow-up on the Philippine Health Insurance (PhilHealth) breach by #Medusa in 2023, and I read something that struck me as unusual:

The govt didn't pay the TA's demands but what they did do was set up a portal where citizens could check to determine if Medusa had leaked their personal identification number.

I can't recall any govt or private sector entity ever creating a portal like that before. Can you? I mean, telling people to check HaveIBeenPwnd is one thing, but to create a portal on a .gov domain to check what TAs leaked?

Portal: philhealthleak.privacy.gov.ph/

@campuscodi @zackwhittaker @brett @troyhunt

philhealthleak.privacy.gov.phHome NPC | PhilHealthLeak
Replied in thread

@aral
I've never understood why the act of taking a screenshot generates a persistent notification by default in most screenshot apps.

Like, I already know a screenshot was taken; I'm the one who took it! And if I need to do something with the screenshot I just took, I want to either click on an ephemeral toast notification that pops up immediately after, or set the screenshot app to save all screenshots to a folder, and then retrieve them from there if/when I need them.

Persistent notifications for ephemeral actions should not exist.

while true {
for event in events {
time = currentTime()
if time >= event.startTime && time < event.endTime {
sendNotification(event);
}
}
sleep(60 * 5);
}

I wonder how many people are going to disable notifications from this app completely because of this.

These two notifications have been firing for HOURS, and it’s still going. I expect it to continue firing until the events end tomorrow.

@MonaApp The latest builds still has issues with #synch’ing notifications between devices. I see a #notification pop up on the iPhone, ignore it completely, even leave the phone on the on the MagSafe charger…. I look at Mona on the #Mac, a notification count shows on the Mac Icon. I open Mona on the Mac, no notification indicator on the Notification bell at all. It’s therefore easy to forget it’s there. Same thing happens in reverse between the Mac and #iOS.

I may have to stop using #Tumblr because it has a #notification that won't go away. Clicking on the blog that the notification is from shows no activity, but the notification remains.

It's possible that deleting my Tumblr blog might clear the notification? But I think I'd rather leave my blog up and just never look at Tumblr again.

Replied in thread

@adamshostack @dmgedgoods @molly0xfff @briankrebs

In October 2022, a db with 532k members' info was shared on a clearnet forum.

In February 2023, a different user had a sales listing that begins:

"Hello, I recently breached Eye4Fraud and dumped a full database backup uploaded on their s3 storage servers. This backup is dated 01-25-2023.

They provide protection for ecommerce merchants.

The database contains around 29 million rows of customer order data from many different sites. It also contains domain and merchant info.
Does not contain hashes. "

So I guess there's a valid question as to why Eye4Fraud hasn't issued any notice to members or a statement?

The Unexpected Effect of the Introduction of Mandatory Breach Notification Requirements in Québec:

Lawyers at McCarthy Tétrault write:

"Since September 22, 2022, organizations doing business in Québec have to report any confidentiality incidents (i.e., privacy breaches) that cause a risk of serious injury, due to the partial entry into force of An Act to modernize legislative provisions as regards the protection of personal information (formerly known as “Bill 64”)."

Read more at:

lexology.com/library/detail.as

LexologyThe Unexpected Effect of the Introduction of Mandatory Breach Notification Requirements in QuébecSince September 22, 2022, organizations doing business in Québec have to report any confidentiality incidents (i.e., privacy breaches) that cause a…