Over on I’ve Been Mugged, George Jenkins describes what he learned when he and his wife really pursued the question of how Medical Informatics Engineering had wound up with his wife’s personal information caught up in their breach. It’s a long – but important – read, as it highlights routine business practices that may come…
Category: Commentaries and Analyses
Why does the FTC keep ignoring my inquiry?
On July 31, after reading a news story about a breach involving a school district, I emailed the FTC to ask for clarification on FACTA: I have searched and searched but cannot find a definitive answer to the following: Are K-12 public school districts covered by FACTA? Assume for purposes of my question that there…
US-CERT’s do’s-and-don’ts for after the cyber hack
Jason Miller reports that US-CERT is offering best practices for after an attack. Here’s a bit of what he reports: Hacked organizations shouldn’t automatically initiate reactive measures to the network without first consulting incident response experts. Barron-DiCamillo said US-CERT and a host of other companies do incident responses for a living as opposed to systems administrators…
What did CSU do to verify vendors’ data security – and what might FTC do?
When California State University decided to purchase a We End Violence program, Agent of Change, they reportedly did consider data security. The Press-Telegram reports: Laurie Weidner, spokeswoman for the Chancellor’s Office, said CSU has not terminated its relationship with We End Violence, which administered the training program called Agent of Change. The vendor was one of…
Records: Energy Department struck repeatedly – and successfully – by cyber attacks
Steve Reilly reports: Cyber attackers successfully compromised the security of U.S. Department of Energy computer systems more than 150 times between 2010 and 2014, according to a review of federal records obtained by USA TODAY. Incident reports submitted by federal officials and contractors since late 2010 to the Energy Department’s Joint Cybersecurity Coordination Center show a near-consistent…
UK Tops European Data Breach Table
Phil Muncaster reports: The UK suffered the most data breaches in Europe during the first half of 2015, coming second globally only to the United States, according to new data from Gemalto. The digital security and SIM card vendor claimed in its latest Breach Level Index (BLI) report that there were 63 data breaches in the UK…