Back in February, this site noted a report indicating that Roterham Council had covered up the theft of 21 laptops containing sensitive information about victims of child sexual exploitation. Now more details have emerged about the cover up. Chris Burn of The Star reports on documents obtained under Freedom of Information from the Information Commissioner’s Office….
Category: Commentaries and Analyses
U.S. SEC fines advisory firm for shoddy controls following cyber attack traced to China
Sarah N. Lynch reports: A St. Louis-based investment advisory firm will pay $75,000 to settle civil charges alleging it failed “entirely” to protect its clients from a July 2013 cyber attack that was later traced to China, U.S. regulators said on Tuesday. The Securities and Exchange Commission said R.T. Jones Capital Equities Management did not…
State Data Breach Notification Requirements Specifically Applicable to Insurers
Patrick H. Haggerty’s article is particularly timely this week in light of the Systema Software data leak. Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised. These laws vary, and much has been written about the challenges caused by…
Should Hacked Feds Lose Security Clearance?
Jack Moore reports: If you fall for a phishing email, should you have your ability to handle sensitive government information revoked? At least one federal chief information security officer is concerned about how frequently even senior-level federal employees fall for the bogus emails and is considering get-tough solutions. Read more on Defense One. via Ars Technica
Researchers Find Major Security and Privacy Issues in Smart Sheriff Parental Monitoring Application
I had first raised concerns about “Smart Sheriff” software back in May when I first heard about it, but now The Citizen Lab has investigated it more and issued a concerning report. Their press release, courtesy of a Canadian reader: Toronto, Canada (20 September 2015) — Today, the Citizen Lab at the Munk School of Global Affairs, University of Toronto…
Inside Target Corp., Days After 2013 Breach
Brian Krebs reports: In December 2013, just days after a data breach exposed 40 million customer debit and credit card accounts, Target Corp. hired security experts at Verizon to probe its networks for weaknesses. The results of that confidential investigation — until now never publicly revealed — confirm what pundits have long suspected: Once inside Target’s network, there was nothing stop…