Mahmood Sher-jan writes: Put on your fancy hat and pour a mint julep: the annual spectacle of equestrian prowess and creative horse names is upon us. While this Saturday marks the 140th Kentucky Derby, another landmark event occurred earlier this spring in the bluegrass state: Kentucky entered the “data breach regulatory derby” and became the 47th state…
Month: May 2014
Molina breach on patient data (updated)
The Albuquerque Journal reports: Molina Healthcare said Friday personal information on some of its 5,261 former members was inadvertently mailed out to individual households via postcards in mid-March. The postcards contained a tracking number that included Social Security numbers — although not names — of individuals and sent to former Molina members, the company said…
FTC told to disclose the data security standards it uses for data security enforcement actions
Jaikumar Vijayan reports: The Federal Trade Commission (FTC) can be compelled to disclose details of the data security standards it uses to pursue enforcement action against companies that suffer data breaches, the agency’s chief administrative law judge ruled Thursday. The decision came in response to a motion filed by LabMD, a now-defunct medical laboratory that…
FTC told to disclose the data security standards it uses for data security enforcement actions (updated)
Jaikumar Vijayan reports: The Federal Trade Commission (FTC) can be compelled to disclose details of the data security standards it uses to pursue enforcement action against companies that suffer data breaches, the agency’s chief administrative law judge ruled Thursday. The decision came in response to a motion filed by LabMD, a now-defunct medical laboratory that…
Ex-Insider Sounds Alarm On Hotel And Restaurant Data Security
Last week, I linked to a report from Consumer Reports that contained a somewhat startling allegation by the former director of security compliance for Wyndham: Now, David Durko, former director of Wyndham’s security compliance management, says that many independently owned and operated Wyndham hotels doing business under the Super 8 brand name don’t comply with Payment…
Serious security flaw in OAuth and OpenID discovered
Aloysius Low reports: Following in the steps of the OpenSSL vulnerability Heartbleed, another major flaw has been found in popular open-source security software. This time, the holes have been found in the login tools OAuth and OpenID, used by many websites and tech titans including Google, Facebook, Microsoft, and LinkedIn, among others. Wang Jing, a Ph.D student…