Paul Gattis reports: Gov. Robert Bentley has fired a high-ranking official in the state department of finance and placed a second on leave after concerns of a computer security breach emerged. The breach came to light following an investigation by the Alabama Law Enforcement Agency, according to a letter Bentley wrote June 10 to the FBI….
Category: Commentaries and Analyses
LinkedIn data breach blamed for multiple secondary compromises
Steve Ragan reports: The LinkedIn compromise has been linked to a number of confirmed incidents where data exfiltration has taken place. It’s possible these incidents are only the tip of the iceberg though, as many of the organizations compromised are service providers with access to customer networks. […] Multiple industry sources have shared additional details…
UK: Firms face £20million fines for losing your private data: Report also says firms’ bosses should be penalised if businesses suffer a date breach
Ian Drury and James Solomon report: Companies will face fines of up to £20million if they lose customers’ personal data in cyber-attacks. A damning report by MPs called for watchdogs to be given the ability to hammer firms in the pocket if they fail to safeguard sensitive information. Bosses should also be penalised if their…
The week in security: Breach costs arrested but CISOs risk the axe over reporting
David Braue reports: The latest study of data-breach costs found Australian businesses bucking global trends by driving down the average cost of data breaches. There was little shelter for CISOs however, with warnings that they could increasingly risk losing their jobs if they can’t improve their reporting of security postures before the breaches happen. Might be time to not…
To the anonymous researchers who contacted me
Several weeks ago, I reported that some researchers had contacted me anonymously to give me a slew of vulnerabilities they had uncovered in their research. As a result of the FBI’s over-the-top raid on Justin Shafer, they had become scared of trying to notify entities of what they had found. They left it up to me to decide…
Equifax service remains mum about client reports of tax refund fraud
Back in April, DataBreaches.net noted that Stanford University was notifying its employees about tax refund fraud. The fraud appeared to result from perpetrators downloading employees’ W-2 information from the university’s vendor, W-2 Express, and then using the info to file fraudulent returns. W-2 information typically includes an employee’s name and address, their wage and salary information, as well…