DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Breaking news headlines from today

Posted on April 1, 2010 by Dissent

Senator Patrick Leahy of Vermont has responded to the massive loss of data by the Educational Credit Management Corporation by vowing to hold Congressional hearings and introduce new legislation to better protect personal information.

Although the Senator has repeatedly introduced a data breach notification bill in past sessions of Congress, the bill became outdated after its first introduction and didn’t improve with subsequent re-introductions. As a result, Senator Leahy will be introducing a new bill, the “CORE Security Act” when the Senate reconvenes after recess. CORE Security (Cut Out Ridiculous Excuses in Security) will require all entities holding personal information on more than 10 individuals to encrypt data. Other provisions of the bill will prohibit employees from removing sensitive or personally identifiable information from the office on portable devices and will require entities to notify individuals of any breaches within 30 days. Unlike previous legislative proposals, a breach will be defined as an intrusion into a system, even if no sensitive data are accessed or acquired.

“Enough is enough,” the Senator said in a statement e-mailed to this site. “We have been sitting around doing nothing and it just gets worse and worse. It’s time for Congress to act in a partisan manner, and I intend to lead the charge.”

In other headlines today, the dedicated researchers at Sophos report that they are rolling out a new approach to protecting data: distracting hackers once they get inside your network. “Protection by Distraction” capitalizes on the distractibility of Asperger’s-prone hackers by providing them with romantic fiction that will keep them busy for over an hour:

“It was certainly a surprise to find that romantic fiction successfully distracts hackers from their purpose, but when we thought about it, all became clear,” said Carole Theriault, senior security analyst at Sophos. “Basically, the security industry as a whole has missed a trick, and that is exploiting the Achilles’ heel of hackers. They’re human, just like the rest of us. And if you give them something titillating to peruse, they can’t restrain themselves. It’s a little like luring a mouse into a trap: they may sense the danger but cannot resist a little morsel of cheese.”

As Graham Cluley explains on his blog, Sophos is seeking input from the security community to help them develop the distractors.

Expect these stories to be updated tomorrow.

Update of April 2. Well, yes, it was all in fun. Hope you had a fun April Fool’s Day.

No related posts.

Category: Uncategorized

Post navigation

← Two more newly revealed breaches
Cracking Open Genetic Privacy →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Texas Centers for Infectious Disease Associates Notifies Individuals of Data Breach in 2024
  • Battlefords Union Hospitals notifies patients of employee snooping in their records
  • Alert: Scattered Spider has added North American airline and transportation organizations to their target list
  • Northern Light Health patients affected by security incident at Compumedics; 10 healthcare entities affected
  • Privacy commissioner reviewing reported Ontario Health atHome data breach
  • CMS warns Medicare providers of fraud scheme
  • Ex-student charged with wave of cyber attacks on Sydney uni
  • Detaining Hackers Before the Crime? Tamil Nadu’s Supreme Court Approves Preventive Custody for Cyber Offenders
  • Potential Cyberattack Scrambles Columbia University Computer Systems
  • 222,000 customer records allegedly from Manhattan Parking Group leaked

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Germany Wants Apple, Google to Remove DeepSeek From Their App Stores
  • Supreme Court upholds Texas law requiring age verification on porn sites
  • Justices nix Medicaid ‘right’ to choose doctor, defunding Planned Parenthood in South Carolina
  • European Commission publishes its plan to enable more effective law enforcement access to data
  • Sacred Secrets: The Biblical Case for Privacy and Data Protection
  • Microsoft’s Departing Privacy Chief Calls for Regulator Outreach
  • Nestle USA Settles Suit Over Job-Application Medical Questions

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.