Today’s episode of Incident Response Fail involves a cybersecurity professional/bug bounty hunter, Mohamed Suwaiz, and a driver training company in Texas, Smith System, that seemed to stubbornly resist his efforts to alert them to a data leak. Although Suwaiz (@Msuwaiz on Twitter) describes himself as being motivated by bug bounties, when there’s no bounty to…
Category: Commentaries and Analyses
Six months after TheDarkOverlord attacked their district, School District 6 sends breach notification letters to parents
More than six months after the hacker or hackers known as TheDarkOverlord hacked and terrorized School District 6 in Columbia Falls, Montana, the district has sent parents breach notification letters revealing what they were able – and not able – to determine. Three versions of the March 19th letter, marked “Draft” and signed by Superintendent…
Here’s what you didn’t know about health data breaches in February
Protenus, Inc. has released its February Breach Barometer, with its analysis of 39 health data incidents compiled for them by this site. As I have done in companion posts to their previous reports, I am providing a list, below, of the incidents upon which their report is based. Where additional details are available, I have…
Public Notification of Data Breaches: Between a Rock and a Hard Place
John Amabile and Micheal Binns of Parker Poe Adams & Bernstein write: A change in emphasis in disputes over data security breaches is coming. To date, the focus has been on issues and potential damages arising from the breach itself and the subsequent loss of private, personal information. In light of recognized delays from both…
Suspending Cambridge Analytica and SCL Group from Facebook
So Facebook is still standing by their “this is not a breach” assertion. Stamos removed some of his earlier tweets on that, but this update from FB still sounds “tone deaf” to me. By Paul Grewal, VP & Deputy General Counsel of Facebook Update on March 17, 2018, 9:50 AM: The claim that this is a…
UK: Wigan council’s data breach shock
Rachel Howarth reports: Wigan Council has experienced more than 80 data breaches in the past two years, concerning figures have revealed. A recent Freedom of Information request has highlighted an alarming number of incidents in which sensitive, confidential or otherwise protected information has been accessed or disclosed “in an unauthorised fashion.” Read more on…