Kelly Jackson Higgins reports: A state trooper responding to a call starts his vehicle, but is unable to shift the gear from park to drive. The engine RPMs suddenly spike and the engine accelerates, no foot on the pedal. Then the engine cuts off on its own. The unmarked 2012 Chevrolet Impala from the Virginia…
Category: Commentaries and Analyses
Factory settings FAIL: Data easily recovered from eBayed smartphones, disks
John Leyden reports: Data recovery experts have found a raft personal information from used hard drives and mobile phones purchased from Amazon, eBay and Gazelle in the UK, US and Germany. The research, by Blancco Technology Group and Kroll Ontrack, once again shows that failure to erase data from discarded devices continues to be a…
Danish Bank Leaves Server in Debug Mode, Exposes Sensitive Information in JavaScript Comments
Catalin Cimpanu reports: Dutch IT security expert Sijmen Ruwhof has found a pretty big blunder on the part of Danske Bank, Denmark’s biggest bank, which exposed sensitive user session information in the form of an encoded data dump, in their banking portal’s JavaScript files. Mr. Ruwhof started to research Danish banking policies out of curiosity,…
FTSE heads for weekly rise but Experian drops on US data breach
It’s always interesting to see if a company’s stock prices take any hit from a breach. Nick Fletcher reports on The Guardian: Leading shares are moving higher ahead of the US jobs data, with banks boosted by news of a deadline being set for consumers to claim for mis-sold payment protection insurance. But Experian has dropped more…
The complaint to FTC about Experian that accomplished… what?
Today, Experian disclosed another data breach. This one affected 15 million customers of T-Mobile USA, for whom Experian hosts consumer data used for credit checks for new accounts. In tweeting my frustration about this latest incident, @emptywheel suggested I post the complaint I filed with the FTC about Experian in 2012. After some thought, I’ve decided…
Reports slam OCR’s poor oversight of HIPAA covered entities, breach followup efforts
If you follow HHS’s public breach tool and investigations closely, two reports from the Office of the Inspector General (OIG) finding lax oversight and insufficient follow-up will come as no surprise. Susan Hall of FierceHealthIT has a good recap: The former report was based on reviews of a statistical sample of privacy cases investigated by OCR between September…