Washington Attorney General Bob Ferguson’s legislation strengthening the state’s data breach notification law passed the state Senate, 47 to 0. It passed the House of Representatives March 4, 97 to 0. The bill now heads to Governor Jay Inslee for his signature. The legislation strengthens Washington’s data breach notification law by: Eliminating the blanket exemption…
Month: April 2015
Woman Sentenced For ID Theft From Texas Hotel Computers
KWTX reports that Courtni Heryford, 29, was sentenced to eight years in prison for stealing personal information from people who used public computers at some Galveston, Texas hotels. Heryford pleaded guilty Monday in Galveston to fraudulent possession of identifying information. Read more on KWTX, although they don’t explain which hotels or what kind of contact…
Verizon DBIR challenges data breach cost estimates
Michael Mimoso reports: The 2015 Verizon Data Breach Investigations Report (DBIR) did some mythbusting on two fronts: the estimated cost per record lost in a breach is much lower than reported elsewhere; and mobile malware is a no-go. The DBIR is Verizon’s annual data dump collected from breaches it has investigated, along with contributed data from…
Oh, to be a fly on the wall (Crime Stoppers breach update)
If you read my post about the hack involving three Canadian chapters of Crime Stoppers, or if you follow me on Twitter (@pogowasright), you know that I’ve had a frustrating time trying to alert those chapters that they’ve been hacked and need to secure their data better. In the interim, as I browsed the pastes of the hacked data (which…
Zillow fighting lawsuits alleging theft of trade secrets
I came across two cases in the news this morning, both involving Zillow, that allege insider data theft/trade secrets theft: Move and the National Association of REALTORS® (NAR) filed additional court documents Friday following receipt of a letter from an anonymous whistleblower, presumably a Zillow employee, who alleges widespread misappropriation of trade secrets and data theft by…
18-Year-Old Security Flaw Allows Hackers To Steal Credentials From All Versions Of Windows
Kate Vinton reports: In 1997, researcher Aaron Spangler discovered a bug in Internet Explorer that allowed an attacker to steal credentials using a protocol known as Windows Server Message Block (SMB). Eighteen years later, a researcher on the Cylance SPEAR research team testing a messaging app with that bug in mind discovered a much larger…