Timothy Cornell of Clifford Chance US LLP has an interesting write-up on the Wyndham case that really details the time and labor costs of responding to a government investigation following a data breach. Here’s an example: On April 8, 2010, the FTC began to investigate Wyndham Worldwide and three of its subsidiaries (collectively “Wyndham”), sending Wyndham…
Category: Commentaries and Analyses
Ca: Office of Auditor General lost 120 encrypted USB drives: documents
Joanna Smith reports from Ottawa: An internal investigation at the Office of the Auditor General found that about 22 per cent of the encrypted USB drives entrusted to employees were lost, according to newly released documents. […] “The management of these USB drives was not strictly enforced. Employees were given IT Security information sessions on…
Data Breaches Hit Half of America: Verizon Report
David Morrison writes: Almost half of all American consumers (45%) said data security breaches have compromised their personal payment information or that of a household member, according Verizon’s 2015 PCI Compliance Report. The document suggested credit unions and other card issuers might suffer damage from card security breaches until consumers start using payment cards with embedded…
“University of Racism” hacked; will others go after U. of Oklahoma student records?
“Because none of them seem to give a shit…” – a hacker commenting on the lack of response to notifying the U. of Oklahoma that he had hacked them. This blogger has repeatedly lamented the generally inadequate data security in the education sector and the fact that no federal agency actually enforces data security at the post-secondary…
Adventures in breach alerts, Saturday edition
If you’re going to misdirect a fax containing personal information, you probably don’t want to misdirect it to a security firm with a blog. SLC Security reports that they received faxes from William Farrell, CPA of Cary, NC containing what appeared to be payroll information. When they tried to contact the firm using the contact email prominently posted on the firm’s…
Saving Private Files: what extortionists demand for decrypting user data
Kaspersky Lab writes: Computer users in many countries are increasingly falling victim to so-called encryption malware – programs that encrypt important data on infected computers and then demand a ransom to decrypt it. In 2014, over 7 million attempts to carry out such attacks were made against Kaspersky Lab users alone. Kaspersky Lab experts have…