Lee Sun-young reports: Korea Credit Information Services, a pan-industry body tasked with data preservation and protection, was launched in Seoul on Tuesday amid mounting calls for data security after a series of large-scale information leaks. The new entity will act as a centralized data center for personal credit information, taking over data collected and preserved…
Month: January 2016
Scope of Preemption in Proposed Data Security Legislation is Uncertain
David Bender writes: According to a recent analysis by the Congressional Research Service (“CRS”), the extent of state law preemption in recent federal legislative proposals relating to data security is unclear. Several bills introduced in the 114th Congress would impose federal data security or breach notification requirements on covered entities, similar to existing requirements in nearly every…
Ca: Rear Admiral confirms ‘data spill,’ downplays HMCS Trinity security breach
He didn’t mean any harm, and obfuscation works, so it’s no huge deal, right? Global News reports: The Royal Canadian Navy’s East Coast boss is downplaying the extent of a security breach at HMCS Trinity, the military’s principal East Coast intelligence centre. Military police in Halifax allege a web designer, working at the naval security…
Ex-D.C. juvenile justice worker pleads guilty in $42 million tax-ID-theft ring
Spencer S. Hsu reports that at least 645 youth offenders had their identity information provided to a tax fraud ring by a juvenile justice worker: A former D.C. juvenile justice worker pleaded guilty Tuesday to helping steal at least $2 million in fraudulent federal income tax refunds by giving personal information about hundreds of youth offenders…
Latvian Hacker Deniss Calovskis Sentenced to Time Served
Nicole Hong reports that Deniss Calovskis, who pleaded guilty in September, when he finally faced charges in the U.S. after a long and complex extradition battle, has been sentenced to time served. Calovskis was extradited to the U.S. from Latvia in February. A Manhattan federal judge Tuesday sentenced a Latvian computer hacker to the 21…
Henry Schein settles FTC charges it misled customers about encryption of patient data
It appears the FTC acted on a complaint I filed with them last year concerning Henry Schein Dental’s use of the word “encryption” in their marketing and their refusal to individually notify customers that the “encryption” provided by Dentrix G5 was not NIST-grade encryption that would give them Safe Harbor under HIPAA. Background on my concerns…