Troy Hunt writes: To date, I’ve avoided commenting on the other Ashley Madison search services and have invested my efforts purely in keeping Have I been pwned? (HIBP) ticking along. I’ve seen them come and indeed I’ve seen some of them go too. I’ve seen many that enable you to get confirmation about the presence of an…
Category: Commentaries and Analyses
Notification of security breach via Twitter?
If your business has a Twitter account, do those responsible for it know how to respond to tweets informing them of a data security breach? I haven’t compiled any hard data, but it seems to me that less than 5% of attempts to notify companies of breaches via their Twitter team results in any acknowledgement….
The OPM breach details you haven’t seen
Sean Lyngaas reports: An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data and the government’s step-by-step response. It illuminates a sequence of events that lawmakers have struggled to pin down in public hearings with Obama administration officials. The timeline makes clear that the heist…
JP: Pension data leak points to deeply flawed security culture
The Asahi Shimbun has an editorial about the Japan Pension Service leak reported previously on this blog. The editorial begins: Two reports have been released about the leak of personal data concerning 1.25 million or so people from the Japan Pension Service’s computer system due to a security breach caused by e-mails containing computer viruses….
Chaffetz wants answers from US-CERT, OPM on hack
Adam Mazmanian reports that the House Oversight and Government Reform Committee is asking some very specific questions of OPM and US-CERT: Chaffetz wants US-CERT, a unit of the Department of Homeland Security, to report on when it was first contacted by OPM to report the breach, and any reporting or analysis on the nature of…
Lawsuits over Ashley Madison hack face tough road
Bree Fowler of AP explains why victims of the AshleyMadison.com breach may have a tough time trying to sue Avid Life Media over the breach. Citing one lawyer’s opinion, Fowler reports: Regardless, Vernick says most courts have ruled that people can’t sue breached companies just because they face the possibility of becoming victims of credit…