James Denvil and Paul Otto of Hogan Lovells write: The FTC wants companies to listen. More precisely, the FTC wants companies to pay attention to and promptly to respond to reports of security vulnerabilities. That’s a key takeaway from the Commission’s recent settlement with ASUSTek (“ASUS”). In its complaint against the Taiwanese router manufacturer, the FTC alleged that ASUS…
Category: Business Sector
Computer hacker extradited from Cyprus to Pittsburgh to face charges
First they caught the botnet administrator in Cyprus. Then they extradited him to Pittsburgh. Andrew Conte reports: Andrey Ghinkul, of Moldova, is scheduled to appear at 2 p.m. at the U.S. Courthouse, Downtown. He plans to plead not guilty, his lawyer, Arkady Bukh of New York City, told the Tribune-Review. Ghinkul will be represented by a public defender…
UK: Cool Components’ email database taken in apparent data breach
Gareth Halfacree reports on a somewhat atypical breach with a poor incident response by Cool Components: Hobbyist electronics specialist Cool Components has been hit with an apparent data breach in which persons unknown have made off with its customer email list – but the company claims its investigation has turned up no evidence of security issues….
RubberStamps.net, Incipio notify customers of breaches
While uKnowKids had a somewhat despicable disclosure of their breach that involved shooting the messenger, here are two positive examples of breach disclosures I came across this week: RubberStamps.net notified about 7,000 customers that its web site was compromised between November 3, 2015 to December 11, 2015. In a well-written letter, Scott Lee, the President and CEO, Superior Labels, Inc. explained that…
Operation Blockbuster Coalition Ties Sony, Other Destructive Attacks to Lazarus Group
Michael Mimoso reports: The nation-state sponsored hacker group allegedly behind the 2014 attack against Sony Pictures Entertainment has been linked to similar intrusions against a number of companies in South Korea including the Dark Seoul and Operation Troy attacks. A coalition of security companies called Operation Blockbuster, including Kaspersky Lab, Novetta, AlienVault, Invincea, ThreatConnect, Volexity, Symantec,…
WA: Rightside employee tax information stolen in data breach
Ashley Stewart reports: Kirkland-based Rightside was the target of a “highly sophisticated phishing scam,” resulting in the theft of employees’ personal information, according to an email obtained by the Puget Sound Business Journal. The company notified affected employees this week, explaining that it had been the target of a cyber attack for several months and, on…