Darren Pauli reports: A single group could be behind the monstrous Cryptowall 3.0 ransomware, widely considered to be one of the most menacing threats to end users that has fleeced victims of millions of dollars. Intel Security, Palo Alto Networks, Fortinet, and Symantec under the Cyber Threat Alliance have probed the net scourge revealing that…
Category: Commentaries and Analyses
Our veterans deserve better infosecurity of their information
When News3 in Madison, Wisconsin started digging into a breach involving 637 veterans’ Social Security numbers, what they found should have everyone asking the VA some hard questions. Adam Schrager reports: The Social Security numbers of Wisconsin veterans are being sent via email without encryption despite numerous federal laws and U.S. Department of Veterans Affairs…
First data breach case granted standing in Pennsylvania
Hanna Nakano reports: Standing has been found for the first time in a data breach case in the State of Pennsylvania. U.S. District Court for the Eastern District of Pennsylvania found standing in claims of injury as a result of data breach in Enslin v. Coca Cola. This is the first time a federal court in…
Breaches, traders, plain text passwords, ethical disclosure and 000webhost
Troy Hunt writes: It’s a bit hard to even know where to begin with this one, perhaps at the start and then I’ll try and piece all the bits together as best I can. As you may already know if you’re familiar with this blog, I run the service Have I been pwned? (HIBP) which…
TalkTalk requiring upset customers pay contract termination fee after data breach
From the if-they-have-a-PR-firm-are-they-even-listening-to-them dept: TalkTalk is becoming the poster child for poor PR and how NOT to respond after a data breach. In today’s installment, the BBC reports that the firm will only waive contract termination fees if the customer has had money stolen from them. “In the unlikely event that money is stolen from…
UK: ICO confirms issue of data breach compensation a matter for consumers to pursue with companies or via the courts
From Out-Law.com: The Information Commissioner’s Office (ICO) in the UK cannot force companies to pay compensation to consumers affected by a data breach, the watchdog has confirmed. On Monday, the UK’s culture minister Ed Vaizey told MPs in the House of Commons that it would be “a matter for the Information Commissioner’s Office and TalkTalk to decide…