Commentaries and Analyses – Page 571

Ca: Victim of arson spree questions ICBC’s handling of privacy breach

Posted on February 2, 2017 by Dissent

There’s a follow-up to a breach that I had described as one of the worst insider breaches at its time – because it put lives at serious risk and some victims were firebombed or shot at. Mi-Jung Lee and Kendra Mangione recently interviewed one of the victims, who continues to have concerns about the handling…

Password-stealing security hole discovered in many Netgear routers

Posted on February 1, 2017 by Dissent

Graham Cluley writes: A security researcher has described how he uncovered a severe security hole in dozens of different Netgear routers, meaning that “hundreds of thousands, if not over a million” devices could be at risk of having their admin passwords stolen by hackers. Simon Kenin, a researcher at Trustwave, has explained how sheer laziness on a…

GSA IT gaps leaked personal information, OIG says

Posted on January 28, 2017 by Dissent

Carten Cordell reports: A series of four audits by the General Services Administration’s inspector general have found that the agency’s cloud computing system made personally identifiable information accessible to employees and contractors not authorized to have it. The audits, which were instituted after the OIG found multiple instances where sensitive information was accessible on GSA’s…

Investors Sue Yahoo Over Post-Hack Stock Plunge

Posted on January 27, 2017 by Dissent

I don’t think investors’ lawsuits related to data breaches have been a particularly winning strategy to date, but if any investors’ suit has a chance, this one might – or at least, should have a chance. Maria Dinzeo reports that those who invested in Yahoo! are suing the company: A proposed class of hundreds of thousands…

Google Removes Ransomware-Laden App From Play Store

Posted on January 25, 2017 by Dissent

Jai Vijayan reports: A ransomware sample that was recently discovered embedded in an Android application on Google Play Store suggests that threat actors may have found a dangerous new way to get extortion malware on mobile devices. The malware, dubbed Charger, is believed to be the first instance of ransomware being successfully uploaded to Google’s…

NYS audit finds Holland Patent Central School District not adequately protecting PPSI

Posted on January 23, 2017 by Dissent

Another audit from the NYS Comptroller is worthy of note here. This one audited the Holland Patent Central School District for access to their student information system (SIS). The District operates four schools with approximately 1,500 students and 300 employees. This audit covered the period of July 1, 2015 – July 31, 2016. According to the state, the…