idRADAR has some comments about Target’s offer of an ID theft product. I found it interesting to read because I wouldn’t have realized that what Target negotiated was not the usual kind of product that checks all three major credit reporting databases – Experian, Equifax, and Transunion. The plan Target arranged with Experian only checks…
Category: Business Sector
Reuters sources: Other US retailers victims of cyberattacks
Jim Finkle and Mark Hosenball of Reuters report: Target Corp and Neiman Marcus are not the only U.S. retailers whose networks were breached over the holiday shopping season late last year, according to sources familiar with attacks on other merchants that have yet to be publicly disclosed. Smaller breaches on at least three other well-known…
Hackers Steal Card Data from Neiman Marcus
Brian Krebs reports: Responding to inquiries about a possible data breach involving customer credit and debit card information, upscale retailer Neiman Marcus acknowledged today that it is working with the U.S. Secret Service to investigate a hacker break-in that has exposed an unknown number of customer cards. Read more on KrebsOnSecurity.com.
Target update: 70 million MORE customers affected by breach (Update)
From their press release of today: MINNEAPOLIS — January 10, 2014 Target today announced updates on its continuing investigation into the recent data breach and its expected fourth quarter financial performance. As part of Target’s ongoing forensic investigation, it has been determined that certain guest information — separate from the payment card data previously disclosed —…
And yet another Experian breach…
This time, the client whose credentials were compromised to gain access to Experian’s credit report database was Lafarge West in Albuquerque, New Mexico. The breach occurred between December 19 and 20, and was reported to those affected on January 7.
David Nosal sentenced; case narrowed the definition of “exceeding authorized access” under CFAA (update1)
I’ve been following the David Nosal case on this blog since April 2011, when the Ninth Circuit held that an employee who violates his employer’s computer use policy is guilty of “exceeding authorized access” to the employer’s computer under the federal anti-hacking statute, CFAA. In June 2011, Nosal filed a petition for rehearing en banc (see…