Over on the Daily Dot this morning, I have a follow-up to my earlier report on an FBI raid on Justin Shafer. There was a lot of anger towards the FBI and Patterson Dental in response to the raid, and I pulled together some of my favorite comments or responses from around the Internet. But more importantly,…
Category: Commentaries and Analyses
LinkedIn’s disturbing breach notice
Computerworld editor Evan Schuman has an opinion piece that begins: Late last Wednesday (May 25), LinkedIn casually sent a note to its customers that opened with one of the least-calming phrases possible: “You may have heard reports recently about a security issue involving LinkedIn.” It continued to say, in effect, “Let us now distort and…
CERT warns of hardcoded creds in medical app
Darren Pauli reports: The US computer emergency response team has issued a warning after admin credentials were found in a popular medical application used for acquiring patient data. The MEDHOST application is designed for handling the perioperative three stages of surgery including patient tracking, and patient conditions. It can be hosted and managed remotely. About 1,000 healthcare…
CFAA overreach: FBI raids home of security researcher
From the stop-me-if-you’ve-heard-this-one-before dept: Over on Daily Dot this morning, I reported that the FBI executed a search warrant at the home of researcher Justin Shafer. Shafer’s name will be familiar to regular readers of DataBreaches.net because he exposed a long-standing security vulnerability in Dentrix software and challenged Henry Schein’s claims that their product provided “encryption.” Our combined efforts resulted in…
Heads Up Internet: Time to Kill Another Dangerous CFAA Bill
Jamie Williams writes: The Computer Fraud and Abuse Act (CFAA), the federal “anti-hacking” statute, is long overdue for reform. The 1986 law—which was prompted in part by fear generated by the 1983 technothriller WarGames—is vague, draconian, and notoriously out of touch with how we use computers today. Unfortunately, Sens. Sheldon Whitehouse and Lindsey Graham are on a mission…
8th Circuit Upholds Data Breach Coverage for Bank Loss Following Hacker’s Fraudulent Transfer
Ken Kronstadt and Crystal Skelton of Kelley Drye & Warren LLP write: Last week, the Eighth Circuit upheld a lower court’s ruling in State Bank of Bellingham v. BancInsure Inc., finding that a bank employee’s negligence in securing its computer network did not preclude coverage for a data breach resulting in a fraudulent funds transfer. The decision…