Ian Drury and James Solomon report: Companies will face fines of up to £20million if they lose customers’ personal data in cyber-attacks. A damning report by MPs called for watchdogs to be given the ability to hammer firms in the pocket if they fail to safeguard sensitive information. Bosses should also be penalised if their…
Category: Commentaries and Analyses
The week in security: Breach costs arrested but CISOs risk the axe over reporting
David Braue reports: The latest study of data-breach costs found Australian businesses bucking global trends by driving down the average cost of data breaches. There was little shelter for CISOs however, with warnings that they could increasingly risk losing their jobs if they can’t improve their reporting of security postures before the breaches happen. Might be time to not…
To the anonymous researchers who contacted me
Several weeks ago, I reported that some researchers had contacted me anonymously to give me a slew of vulnerabilities they had uncovered in their research. As a result of the FBI’s over-the-top raid on Justin Shafer, they had become scared of trying to notify entities of what they had found. They left it up to me to decide…
Equifax service remains mum about client reports of tax refund fraud
Back in April, DataBreaches.net noted that Stanford University was notifying its employees about tax refund fraud. The fraud appeared to result from perpetrators downloading employees’ W-2 information from the university’s vendor, W-2 Express, and then using the info to file fraudulent returns. W-2 information typically includes an employee’s name and address, their wage and salary information, as well…
IE: Civil Service payroll system to be audited following data breach
Elaine Edwards reports that PeoplePoint, the payroll service for about 31,000 Irish civil servants, is being audited in the wake of two breaches and other complaints. A November, 2015 breach was previously reported on DataBreaches.net, as was a more recent one in April. Edwards reports: Since PeoplePoint’s introduction [in 2013], there have also been reports…
FEMA Mishandles Sensitive Information at Disaster Sites: IG Report
Jack Moore reports: After a wildfire tears through your community, the last thing you may be worried about is having your identity stolen or your personal information breached. But maybe you should be. A new inspector general report finds the Federal Emergency Management Agency still struggles to properly handle the safeguarding of personally identifiable information,…