E3’s organizer apologizes after revealing information for thousands of journalists

E3’s organizer apologizes after revealing information for thousands of journalists

11:06am, 3rd August, 2019
The Entertainment Software Association issued an apology of sorts after making available the contact information for more than 2,000 journalists and analysts who attended this year’s E3. “ESA was made aware of a website vulnerability that led to the contact list of registered journalists attending E3 being made public,” the organization said via statement. “Once notified, we immediately took steps to protect that data and shut down the site, which is no longer available. We regret this this occurrence and have put measures in place to ensure it will not occur again.” It’s not clear whether the organization attempted to reach out to those impacted by the breach. In a kind of bungle that utterly boggles the mind in 2019, the ESA had made available on its site a full spreadsheet of contact information for thousands of attendees, including email addresses, phone numbers and physical addresses. While many or most of the addresses appear to be businesses, journalists often work remotely, and the availability of a home address online can present a real safety concern. After all, many gaming journalists are routinely targets of harassments and threats of physical violence for the simple act of writing about video games on the internet. That’s the reality of the world we currently live in. And while the information leaked could have been worse, there’s a real potential human consequence here. That, in turn, presents a pretty compelling case that the ESA is going to have a pretty big headache on its hands under GDPR. Per the rules, In the case of a personal data breach, the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it, notify the personal data breach to the supervisory authority competent in accordance with Article 55, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons. Where the notification to the supervisory authority is not made within 72 hours, it shall be accompanied by reasons for the delay. There is, indeed, a pretty strong argument to made that said breach could “result in a risk to the rights and freedoms of natural persons.” Failure to notify individuals in the allotted time period could, in turn, result in some hefty fines. It’s hard to say how long the ESA knew about the information, though YouTuber Sophia Narwitz, who first brought this information to light publicly, may have also been the first to alert the organization. The ESA appears to have been reasonably responsive in pulling the spreadsheet down, but the internet is always faster, and that information is still floating around online and fairy easily found. that spreadsheets like these are incredibly valuable to convention organizations, representing contact information some of the top journalists in any given industry. Many will no doubt think twice before sharing this kind of information again, of course. Notably (and, yes, ironically), the Black Hat security conference this time last year. It chalked the issue up to a “legacy system.” Natasha Lomas contributed to this report
Amazon’s healthcare joint venture has a name — Haven — and website revealing details on initiative

Amazon’s healthcare joint venture has a name — Haven — and website revealing details on initiative

6:14pm, 6th March, 2019
Dr. Atul Gawande, CEO of Haven. (TED Conference Photo / James Duncan Davidson, via Flickr) The healthcare joint venture between Amazon, JPMorgan Chase and Berkshire Hathaway finally has a name, and it’s called Haven. The company also launched a website at . In addition to the new branding, the joint venture addressed a long-running question: Will Haven sell its products and services to other companies? The answer is a qualified “yes.” Haven said that it’s focused on the 1.2 million employees who work for Amazon, Berkshire and JPMorgan. However, the website explained that “in time, we intend to share our innovations and solutions to help others.” Haven will focus on access to primary care, simpler insurance benefits, and lowering prescription drugs prices. It is also looking at how to use data to improve the healthcare system overall. Haven revealed the members of its board, which includes: Todd Combs, investment officer of Berkshire Hathaway Jamie Dimon, chairman and CEO of JPMorgan Chase Beth Galetti, a senior vice president at Amazon Dr. Atul Gawande, CEO of Haven Haven is led by: Dr. Atul Gawande, CEO Michael Higgins, chief information security officer Serkan Kutan, chief technology officer Megan McLean, chief of staff Dana Safran, head of measurement Jack Stoddard, chief operating officer Liam Brenner, acting head of finance Mary Jane Favazza, general manager Brooke Thurston, head of communications The joint venture was initially launched a little over a year ago. Its goals were mostly mysterious until documents in on Haven’s ambitions. Haven, which doesn’t seek a profit, is independent from the three companies. That said, it “draws on resources and expertise from Amazon, Berkshire Hathaway, and JPMorgan Chase,” the website reads. Haven CEO Atul Gawande posted a letter on the website explaining Haven’s purpose. Here’s the full text: As a surgeon, I’ve devoted my career to caring for my patients and working to make the health care system better. I believe all people deserve quality health care that is both affordable and accessible. Haven was formed by the leaders of Amazon, Berkshire Hathaway, and JPMorgan Chase because they have been frustrated by the quality, service, and high costs that their employees and families have experienced in the U.S. health system. They believe that we can do better, and in taking this step to form this new organization, they have committed to being a part of the solution. We know that this work will take time, and we’ll need the help of others, but we will tackle problems step-by-step and make sure that patients remain our top priority. These are our guiding principles: We will be an advocate for the patient and an ally to anyone – clinicians, industry leaders, innovators, policymakers, and others – who makes patient care and costs better. We will create new solutions and work to change systems, technologies, contracts, policy, and whatever else is in the way of better health care. We will be relentless. We will insure our work has high impact and is sustainable. And we are committed to doing this work for the long-term. Atul Gawande, MD, MPHCEO, Haven