Ricardo Alonso-Zaldivar of AP reports that an audit by the Inspector General for Health and Human Services found serious security deficiencies in the system used to store data collected via healthcare.gov. The Obama administration said it acted quickly to fix all the problems identified by the Health and Human Services inspector general’s office. But the…
Category: Commentaries and Analyses
UK: Emails reveal how Rotherham Council bosses ‘covered up’ laptop theft details and didn’t even get a slap on the wrist from the ICO
Back in February, this site noted a report indicating that Roterham Council had covered up the theft of 21 laptops containing sensitive information about victims of child sexual exploitation. Now more details have emerged about the cover up. Chris Burn of The Star reports on documents obtained under Freedom of Information from the Information Commissioner’s Office….
U.S. SEC fines advisory firm for shoddy controls following cyber attack traced to China
Sarah N. Lynch reports: A St. Louis-based investment advisory firm will pay $75,000 to settle civil charges alleging it failed “entirely” to protect its clients from a July 2013 cyber attack that was later traced to China, U.S. regulators said on Tuesday. The Securities and Exchange Commission said R.T. Jones Capital Equities Management did not…
State Data Breach Notification Requirements Specifically Applicable to Insurers
Patrick H. Haggerty’s article is particularly timely this week in light of the Systema Software data leak. Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised. These laws vary, and much has been written about the challenges caused by…
Should Hacked Feds Lose Security Clearance?
Jack Moore reports: If you fall for a phishing email, should you have your ability to handle sensitive government information revoked? At least one federal chief information security officer is concerned about how frequently even senior-level federal employees fall for the bogus emails and is considering get-tough solutions. Read more on Defense One. via Ars Technica
Researchers Find Major Security and Privacy Issues in Smart Sheriff Parental Monitoring Application
I had first raised concerns about “Smart Sheriff” software back in May when I first heard about it, but now The Citizen Lab has investigated it more and issued a concerning report. Their press release, courtesy of a Canadian reader: Toronto, Canada (20 September 2015) — Today, the Citizen Lab at the Munk School of Global Affairs, University of Toronto…