Has reliance on Internet Explorer, ActiveX, public key system combined to open ‘black hole’ in cyber security? The Korea Herald reports: A string of cyber attacks have bombarded South Korea in recent years, leading to massive leaks of personal information stored in banks, government agencies and corporations. In January 2008, hackers stole the personal data…
Month: July 2013
Apple Hacked: Company Admits Development Website Was Breached (UPDATED)
Apple admitted Sunday that its website for developers had been breached by an “intruder” last Thursday, according to All Things D and other sources. In a letter to developers that confirmed the breach, the company did not “rule out” that developers’ names, mailing addresses, and email addresses could have been accessed. However, customer information is encrypted and was not…
Redaction #FAIL: Software glitch Exposed Data on 150,000 Citi Customers in Bankruptcy Court Filings
Sean Sposito reports: In a case that could serve as a warning to other banks that contribute customer data to public storehouses, Citigroup this week acknowledged that it failed to safeguard the personal information — Social Security numbers, birth dates and other sensitive data — of nearly 150,000 consumers who went into bankruptcy between 2007…
Hack exposes e-mail addresses, password data for 2 million Ubuntu Forum users
Dan Goodin reports that e-mail addresses, user names, and password data for every registered user of the Ubuntu Forums—estimated to be 1.82 million accounts—were exposed in a security breach. Read more on Ars Technica.
OR: Samaritan Health investigates improper disposal of medical records
Hundreds of medical records found unshredded in the trash. Again. This time it’s Samaritan Family Medicine Resident Clinic, part of Samaritan Health Services. Police were called but did nothing because, once again, no law was broken. It is disturbing that in 2013, most states still do not have data security or breach laws that include paper…
Would a federal data breach notification law be A Good Thing or not for healthcare?
Modern Healthcare covered a Congressional hearing this week to consider a federal data breach notification law. Congress has been kicking the idea around for years, but one of the big stumbling blocks has been whether any such law would pre-empt state laws. I have long been on record supporting a federal law that pre-empts state…