Add Adam Shostack’s post to your must-read list. Here’s a snippet: The National Journal published A Timeline of Government Data Breaches: I asked after the root cause, and Rich Bejtlich responded “The root cause is a focus on locking doors and windows while intruders are still in the house” with a pointer to his “Continuous Diagnostic Monitoring Does…
Category: Commentaries and Analyses
Audits find data security lapses at L.A. County agencies
Ouch. Abby Sewell reports: Security lapses in several departments of Los Angeles County government put residents’ medical information, Social Security numbers and other sensitive information at risk of being stolen, three recent audits have found. Probation, Public Health and Public Social Services, which dispenses welfare benefits, failed to deactivate computer login codes for hundreds of…
(Jeb Bush) Do as I say now, not as I did then?
Chris Frates reports: After news broke last month that suspected Chinese hackers stole the sensitive personal data of millions of Americans from the federal government’s human resources department, former Florida Gov. Jeb Bush called for the agency’s director to be fired. But when a human resources company Florida hired compromised the personal information of an…
Senator Collins’ Statement on Reports that OPM Cyber Attack Affected At Least 21.5 Individuals
There’s a lot of spluttering and public statements in response to today’s revised figures by OPM on their massive breach, but I think Senator Collins nails it. From her office: WASHINGTON, D.C.— Following the completion of its internal damage assessment, the Office of Personnel Management (OPM) announced today that the personal information of at least…
2015 Data Breach Legislation Six Month Review: Many Proposals, Few Changes
Bryan Thompson and Sean B. Hoar of Davis Wright Tremaine LLP provide a status on action – and much inaction on bills at the federal and state level: Congress has moved at a glacial pace in considering data security legislation this year, even as the fallout over major data breaches, including the OPM breach, turned…
IE: More than 100 breaches of HSE patient data in past year
Darragh McDonagh and Brian McDonald report: More than 100 data protection breaches involving sensitive personal information held by the Health Service Executive (HSE) occurred over the past year, internal documents indicate. Details of the incidents, which occurred between April 1st, 2014 and April 1st, 2015, have been released under the Freedom of Information Act. Read…