Kelly Jackson Higgins writes: In the end, it may have been a foreshadowing of sorts: The team assigned to squeeze potentially sensitive information from Home Depot employees in cold calls during this year’s Social Engineering Capture the Flag (SECTF) competition at DEF CON 22 won the famed contest. The social engineering competition held last month…
Category: Commentaries and Analyses
Harry Barker, Omega Net, Geekface, SuperValu Data Breaches Measured
I’ve covered three of these breaches on this blog before, but idRADAR has some new details and includes a breach I hadn’t covered, involving HarryBarker.com: It’s often tough to know how serious a data breach is in the days immediately following discovery. Some companies like to dance around the specifics. In other cases, there are…
The unknown cyber threats sweeping Sweden
Melanie Watson writes: Over a four-week period earlier this year, KPMG studied [14 organizations] in Sweden to gather information relating to malicious traffic. During this time period, 15,586 security alerts were recorded. […] Astonishingly, 93% of those organisations that took part were ‘breached’ in the given time frame. The word ‘breached’ in this report has been defined by…
A Google Site Meant to Protect You Is Helping Hackers Attack You
Kim Zetter reports: Before companies like Microsoft and Apple release new software, the code is reviewed and tested to ensure it works as planned and to find any bugs. Hackers and cybercrooks do the same. The last thing you want if you’re a cyberthug is for your banking Trojan to crash a victim’s system and…
Cracking Coverage Issues in Data Breach Cases
Joshua Mooney of White and Williams discusses court rulings involving insurance coverage for data breaches: …. General liability policies are the most popular candidate. The policies define “personal and advertising injury” in part as injury arising out of “oral or written publication, in any manner, of material that violates a person’s right of privacy,” as…
Editorial: NMSU should have reported theft sooner
Even though they acknowledge that the law allows 60 days to notify residents of a breach, the Las Cruces Sun-News took New Mexico State University to task for not notifying students sooner of a breach involving their personal information. Read their editorial here.