Commentaries and Analyses – Page 534

Inside the Stanford Breach: Sexual Assault, Disciplinary and Financial Data Exposed

Posted on December 5, 2017 by Dissent

A series of cybersecurity vulnerabilities at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations, disciplinary actions and more. The details of what happened—and why it should be an object lesson for higher education. A special three-part blog series. Craig A. Newman of Patterson Belknap writes: Part 1 In three separate…

Hacked IV Pumps and Digital Smart Pens Can Lead to Data Breaches

Posted on December 4, 2017 by Dissent

Dawn Kawamoto reports: An attack on a single IV infusion pump or digital smart pen can be leveraged to a widespread breach that exposes patient records, according to a Spirent SecurityLabs researcher. Saurabh Harit, managing consultant with Spirent, will present his findings on flaws in IV infusion pumps and digital smart pens at Black Hat…

Poor incident response? Bad PR, Monday edition

Posted on December 4, 2017 by Dissent

If you can’t prevent a breach, can’t you at least fake genuine concern? You know, the “At <blahblahblah>, we take your privacy and security very seriously” bit? Mark Flamme reports on a Key Bank breach where the bank’s response to notification of a problem is at least as problematic as the breach itself. After a…

Security researcher released; had been jailed 8 months while awaiting trial on charges of cyberstalking an FBI agent

Posted on December 1, 2017 by Dissent

After almost eight months in pre-trial detention on charges of cyberstalking a Dallas FBI agent, Texas dental integrator and independent security researcher Justin Shafer got to go home tonight after a federal judge agreed with Shafer’s lawyer who appealed the revocation of Shafer’s pre-trial release. Shafer had been jailed since earlier this year on charges…

EU Data Protection Authorities Establish Task Force to Collaborate on Uber Data Breach

Posted on December 1, 2017 by Dissent

Hunton & Williams writes: On November 29, 2017, the EU’s Article 29 Working Party (”Working Party”) announced the establishment of a task force to coordinate the plethora of national investigations throughout the EU into Uber’s 2016 data breach that affected approximately 57 million users worldwide. The task force is being led by the data protection…

More than two years after compromise, Combat Brands was still battling malware?

Posted on November 30, 2017 by Dissent

First, there was this: On January 25, 2017, Combat Brands began investigating some unusual activity reported by its credit card processor. Combat Brands immediately began to work with third-party forensic experts to investigate these reports and to identify any signs of compromise on its systems. On February 23, 2017, Combat Brands discovered that it was…