Kelly Ng reports: The Institution of Engineers, Singapore (IES) could have “easily detected” and patched security flaws on its website, which had resulted in more than 6,000 users’ personal data being comprised in a data leak in October 2014, said the Personal Data Protection Commission (PDPC) in findings on the incident that it released publicly…
Category: Commentaries and Analyses
Abundance of stolen healthcare records on dark web is causing a price collapse
Chris Bing reports: The large amount of leaked patient records stolen and posted for sale to the dark web in recent months has caused prices for most of those records to drop, according to new research provided to CyberScoop and conducted by the Institute for Critical Infrastructure Technology and cybersecurity firms Flashpoint and Intel Security….
Yesterday’s major outage was brought to you by hacked IoT devices
Yesterday, like many others throughout the country, I awoke to the unpleasant fact that I couldn’t connect to Twitter or other sites that I might normally check in the morning. Over the course of the day, we learned some facts about what had happened, and read some theories, but the bottom line was that one…
NV: State agency audit withheld to protect sensitive data after serious security lapses found
Sandra Chereb reports: Auditors delayed release of a report detailing security vulnerabilities in state databases to protect the information of tens of thousands of current and former state employees and their beneficiaries, a legislative committee was told Tuesday. Douglas Peterson, information systems audit supervisor, told the Legislative Audit Subcommittee it was the first time he…
Secret Service database still vulnerable to improper access: IG report
Andrea Noble reports: Information technology shortcomings within the Secret Service mean the potential still exists for employees to improperly access the agency’s restricted database, as agents did last year when they leaked unflattering information about House Oversight Chairman Jason Chaffetz, according to a new inspector general’s report. The Department of Homeland Security Inspector General has found that even after last…
6th Circuit denies en banc on data breach standing issue. Prelude to SCOTUS?
Alison Frankel reports: … The 6th Circuit denied a petition by Nationwide Insurance to rehear a three-judge panel’s Sept. 2016 decision to allow a negligence class action stemming from a 2012 data breach to proceed. Nationwide’s lawyers at Morgan Lewis & Bockius argued in the en banc petition (as the insurer argued in federal district court in Columbus, Ohio, and before…