If you thought former Tiversa employee Rick Wallace’s testimony in FTC v. LabMD was sensational, wait until you read a staff report prepared for Darrell Issa, then-Chairman of the House Committee on Oversight and Government Reform. The 99-page report, prepared in January but embargoed until after Wallace’s testimony, delves into Tiversa’s business practices and problems with the…
Category: Breach Incidents
Columbia Casualty asks court to let it off the hook for $4.1M settlement in Cottage Health System breach
So you apply for cyberinsurance and in your application, you describe all the security controls and policies you have in place. And an insurance company looks it all over and issues you a policy because you meet the minimum security practices they require. But then you don’t actually adhere to all the controls and policies you…
Host of NSA’s smtp server hacked?
An interesting paste today by PH1K3 lets us follow along during an attempt to hack the host/dns provider for smtp.nsa.gov.
Hong Kong’s fast food chain Cafe de Coral admits accidental data leak
Hong Kong’s local fast food chain Cafe de Coral has accidentally leaked the personal details of members of its bonus-point program, it said on Friday. The company said the mistake was made last month in an email to a third party, which it did not identify, adding the personal details include names, phone numbers, email…
The largest cause of data security incidents is….. what?
The new BakerHostetler report on data security incidents says that human error was the largest cause of data security incidents, accounting for 36%. Their finding is consistent with the new Ponemon report that also puts employee error as the number one cause, at 39% But then you read RBS’s report on 2014 breaches where they say that 67%…
Pennsylvania-based Summit Health joins ranks of those falling for phishing
On March 18, attorneys for Summit Health, Inc. in Pennsylvania notified the Maryland Attorney General’s Office that on February 19, the hospital had learned that some of its employees had fallen for a phishing attempt. As a result of the successful phishing, employees’ information in the Lawson Employee Self-Service System, used to access payroll and benefits information, may…