Someone should start a web site archiving the inappropriate responses we get when we try to notify entities that they’ve had a data breach. This would be my entry for today: I tried to alert an entity that they’d been hacked and data had been exfiltrated. It was after normal business hours, and I could find only one…
Category: Commentaries and Analyses
The Breach That Supposedly Isn’t a Breach
Discussing an incident disclosed by Troy Hunt this week, Jeremy Kirk reports: The handling of a recent data breach – the details of which are still unfolding – by Oakland, Calif.-based web services company Regpack provides a look into how the discovery and disclosure of a breach can turn into a real train wreck. Read…
New York State Proposes Cybersecurity Regulation for Financial Services Institutions
Micaela McMurrough, Ashden Fein and Catlin Meade write: On September 13, 2016, New York Governor Andrew Cuomo announced a proposed regulation that would require financial service institutions to develop and implement cybersecurity programs to prevent and mitigate cyber-attacks. The proposed regulation will be subject to a 45-day comment period once it is published in the New York State…
Trump’s campaign mute about data security #fail?
It may not be on the level of failing to adequately secure State Department communications, but it seems Donald Trump’s organization could use a refresher course on data security. And when it finishes that, it might want to tackle a course on transparency. On Sunday night, DataBreaches.net received an email from MacKeeper Security Research Center lead researcher Chris Vickery….
A single ransomware network has pulled in $121 million
Maria Korolov reports: A single ransomware author and distributor was able to collect $121 million in ransomware payments during the first half of this year, netting $94 million after expenses, according to a report released today. […] Total ransomware increased by 128 percent during the first half of 2016 compared to the same period last year. There…
FTC pushes back against LabMD application for stay
The FTC has uploaded complaint counsel’s opposition to LabMD’s application for a stay of the final order in FTC v. LabMD. Did they really write that with a straight face? It was difficult to read it without alternately laughing, spluttering, or fuming. Consider the opening paragraph of complaint counsel’s opposition (I’m interspersing my reactions): Respondent has…