Maybe one of the qualifications for President in the Constitution should be: “Has the common sense not to expose everyone’s personal information to the world.” T.C. Sottek reports: Jeb Bush, a rumored 2016 Republican presidential candidate, just decided to publish hundreds of thousands of emails sent to him during his time as governor of Florida….
Category: Commentaries and Analyses
New Mexico needs a data breach notification law, but is this the right one?
Will New Mexico finally join the ranks of states that require data breach notification or will it remain one of only three holdouts? Dan Mayfield reports that Rep. Bill Rehm has introduced a bill to require businesses to notify consumers in the event of a breach. Rehm tried to pass a similar bill last year but got pushback from…
UK: A bad day in court for Medway Council
Jon Baines writes: If the Information Commissioner (IC) reasonably requires any information for the purpose of determining whether a data controller has complied or is complying with the data protection principles, section 43 of the Data Protection Act 1998 (DPA) empowers him to serve a notice on the data controller requiring it to furnish him with specified…
Fearing an FBI raid, researcher publishes 10 million passwords/usernames
Dan Goodin reports: A security consultant has published 10 million passwords along with their corresponding usernames in a move he characterized as both necessary and legally risky given a legal landscape he said increasingly threatens the free flow of hacking-related information. Most of the existing corpus of passwords exposed in hack attacks is stripped of…
Anthem Breach May Have Started in April 2014
Brian Krebs reports: Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion. Read his full article on…
Uncovering Security Flaws in Digital Education Products for Schoolchildren
Natasha Singer reports: When Tony Porterfield’s two sons came home from elementary school with an assignment to use a reading assessment site called Raz-Kids.com, he was curious, as a parent, to see how it worked. As a software engineer, he was also curious about the site’s data security practices. And he was dismayed to discover that…