Morgan Chalfant reports: Democratic members of the House Energy and Commerce Committee are pressing a government watchdog to further investigate whether existing credit monitoring services do enough to protect consumers affected by data breaches. The Government Accountability Office (GAO) released a report in March on identity theft services offered by the federal government and private companies…
Category: Commentaries and Analyses
GAO to agencies: Stop using Social Security numbers for everything
There really is such as a thing as “obvious.” Isn’t there? Adam Stone reports: Federal agencies continue to over-collect, over-use and over-display Social Security numbers, leading to the an unnecessarily high risk of identity theft. That’s the latest from the U.S. Government Accountability Office. In a recent report GAO declares that a decade’s worth of…
Judge Cracks Down on LinkedIn’s Shameful Abuse of Computer Break-In Law
Jamie Williams and Amul Kalia write: Good news out of a court in San Francisco: a judge just issued an early ruling against LinkedIn’s abuse of the notorious Computer Fraud and Abuse Act (CFAA) to block a competing service from perfectly legal uses of publicly available data on its website. LinkedIn’s behavior is just the…
Siemens medical imaging devices become cybersecurity scapegoats
Scott E. Rupp reports: The Department of Homeland Security (DHS) says that some of the Siemens medical imaging devices that run Windows 7 software are vulnerable to cyberattack. If hacked, these specific Siemens devices allow for the ability to “remotely execute arbitrary code,” DHS says. The alert from DHS’s Industrial Control Systems Cyber Emergency Response…
Day after doctor’s murder, accused still on the run
Another reminder of the need to revoke access – physical and digital – if you are terminating an employee or student’s position with your organization: Summary: The main accused, suspected to be another postgraduate student working in the radiology department, is still on the run. Sushant Pandey was found with his throat slit inside the…
Leak of >1,700 valid passwords could make the IoT mess much worse
Dan Goodin reports: Security researchers have unearthed a sprawling list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 “Internet of things” devices and make them part of a destructive botnet. The list of telnet-accessible devices, currently posted at this Pastebin address, was first posted in…