DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Breaking news headlines from today

Posted on April 1, 2010 by Dissent

Senator Patrick Leahy of Vermont has responded to the massive loss of data by the Educational Credit Management Corporation by vowing to hold Congressional hearings and introduce new legislation to better protect personal information.

Although the Senator has repeatedly introduced a data breach notification bill in past sessions of Congress, the bill became outdated after its first introduction and didn’t improve with subsequent re-introductions. As a result, Senator Leahy will be introducing a new bill, the “CORE Security Act” when the Senate reconvenes after recess. CORE Security (Cut Out Ridiculous Excuses in Security) will require all entities holding personal information on more than 10 individuals to encrypt data. Other provisions of the bill will prohibit employees from removing sensitive or personally identifiable information from the office on portable devices and will require entities to notify individuals of any breaches within 30 days. Unlike previous legislative proposals, a breach will be defined as an intrusion into a system, even if no sensitive data are accessed or acquired.

“Enough is enough,” the Senator said in a statement e-mailed to this site. “We have been sitting around doing nothing and it just gets worse and worse. It’s time for Congress to act in a partisan manner, and I intend to lead the charge.”

In other headlines today, the dedicated researchers at Sophos report that they are rolling out a new approach to protecting data: distracting hackers once they get inside your network. “Protection by Distraction” capitalizes on the distractibility of Asperger’s-prone hackers by providing them with romantic fiction that will keep them busy for over an hour:

“It was certainly a surprise to find that romantic fiction successfully distracts hackers from their purpose, but when we thought about it, all became clear,” said Carole Theriault, senior security analyst at Sophos. “Basically, the security industry as a whole has missed a trick, and that is exploiting the Achilles’ heel of hackers. They’re human, just like the rest of us. And if you give them something titillating to peruse, they can’t restrain themselves. It’s a little like luring a mouse into a trap: they may sense the danger but cannot resist a little morsel of cheese.”

As Graham Cluley explains on his blog, Sophos is seeking input from the security community to help them develop the distractors.

Expect these stories to be updated tomorrow.

Update of April 2. Well, yes, it was all in fun. Hope you had a fun April Fool’s Day.

Category: Uncategorized

Post navigation

← Two more newly revealed breaches
Cracking Open Genetic Privacy →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Data breach of patient info ends in firing of Miami hospital employee
  • Texas DOT investigates breach of crash report records, sends notification letters
  • PowerSchool hacker pleads guilty, released on personal recognizance bond
  • Rewards for Justice offers $10M reward for info on RedLine developer or RedLine’s use by foreign governments
  • New evidence links long-running hacking group to Indian government
  • Zaporizhzhia Cyber ​​Police Exposes Hacker Who Caused Millions in Losses to Victims by Mining Cryptocurrency
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Google: Hackers target Salesforce accounts in data extortion attacks
  • The US Grid Attack Looming on the Horizon
  • US govt login portal could be one cyberattack away from collapse, say auditors

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • California county accused of using drones to spy on residents
  • How the FBI Sought a Warrant to Search Instagram of Columbia Student Protesters
  • Germany fines Vodafone $51 million for privacy, security breaches
  • Malaysia enacts data sharing rules for public sector
  • U.S. Enacts Take It Down Act
  • 23andMe Bankruptcy Judge Ponders Trump Bill’s Injunction Impact
  • Hell No: The ODNI Wants to Make it Easier for the Government to Buy Your Data Without Warrant

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.