Kylie Bielby reports: The Office of Inspector General (OIG) says U.S. Citizenship and Immigration Services (USCIS) did not apply the access controls needed to restrict unnecessary access to its systems, networks, and information. Access controls help to limit individuals from gaining inappropriate access to systems or data. But an OIG audit has found that USCIS…
Category: Commentaries and Analyses
Federal Court holds nonprofit health center is immune from data breach class action
Daniel Rockey of Bryan Cave Leighton Paisner writes: In a case of first impression, the United States District Court for the Southern District of California granted the motion of Defendant Neighborhood Healthcare seeking order compelling the United States to defend a putative class action lawsuit alleging that Neighborhood failed to ensure the confidentiality of her…
Twitter’s cybersecurity flaws pose national security risk, whistleblower tells Congress
Kelsey Reichmann reports: Cybersecurity failures at Twitter are endangering users’ data and putting national security at risk, the company’s former security chief, Peiter “Mudge” Zatko, told lawmakers at a hearing on Tuesday. Zatko appeared before the Senate Judiciary Committee to testify about allegations he made against the social media giant earlier this year. In reports…
Singapore corporations making progress in preventing cyberattacks
It was a back-handed compliment of sorts: experienced hackers telling DataBreaches that it had gotten noticeably harder for them to successfully attack big corporations in Singapore. “The most difficult country to attack now, are Singapore companies,” they told DataBreaches in a chat. “A lot has changed since 3 years ago. It is hard to even…
It’s like a veritable fire sale on Indonesians’ personal data
Indonesia’s private data protection bill cleared another hurdle and could be voted into law this week. As Bloomberg reports: Data operators could face up to five years in jail and a maximum fine of 5 billion rupiah ($337,000) for leaking or misusing private information, according to Indonesia’s new data privacy bill set to be passed…
“Proactive cyber defense” to be introduced to critical infrastructure
The following is a machine translation of a Yomiuri news story: The government is considering introducing an “active cyber defense” system to detect signs of an attack and identify the source of the attack in order to strengthen defense against cyber attacks on critical infrastructure such as communications and electricity. Adjustments will be made in…