Last year, New York State began posting logs of breach reports they receive. Entities experiencing a breach are required to inform the state how many NYS residents were involved, but are not required to indicate the total number of individuals affected. Unfortunately, their logs do not indicate precisely whether the NYS residents affected are employees,…
Author: Dissent
Announce A Data Breach And Say It’s No Big Deal?
Evan Schuman comments on the recent Blippy breach and lessons that should be learned: Data Breach Etiquette Rule #8: The moment you announce you screwed up and exposed customers’ payment data to cyberthieves is a really bad time to lecture customers that “it’s a lot less bad than it looks” and that “it’s important to…
Guernsey: Data protection law amended to include prison time
Michael Adkins of Collas Day summarizes amendments to the Data Protection (Bailiwick of Guernsey) Law. According to Wikipedia, Guernsey is a possession of the UK and not part of the UK nor part of the EU. Of particular interest to me in their amendments: Section 55(2) has been amended to offer further exemptions to people…
Famous Dave’s employee data stolen (update 2)
Here we go again…. another seemingly avoidable data theft. A Minnetonka-based employee of Famous Dave’s left some baggage in the car of a companion, including a work-related laptop computer containing a report with unencrypted employee information. As Famous Dave’s reported to the New Hampshire Attorney General’s Office by letter on April 16, the laptop was…
Scottrade sues hacker
Barbara Leonard reports: A Russian hacker broke into online brokerage accounts and stole hundreds of thousands of dollars from its customers in a “hack, pump and dump” scheme, Scottrade claims in Federal Court. Defendant Valery Maltsev responded in a statement that said, in part: “Scottrade investors didn’t even see that money were going away from…
Ca: More than 300 charges laid in fraud case
Two Edmonton men face over 300 identity theft and fraud charges after police busted a credit card and mail scam. Wilfred Usiayo, 41, and Frank Ejira Otoroh, 39, were both charged with 140 counts of obtaining and possessing identity information, as well as other charges relating to fraudulent activity around a mailbox. […] Officers seized…