One of the frustrations identity theft victims experience is that they often have no idea how their identity information was compromised. Some of this site’s readers may have figured it out for themselves in looking into breach notification letters they got from CICS, but for all too many people, there are no answers. Consider some folks…
Category: Commentaries and Analyses
Tens of thousands MongoDB databases easily accessible from the Internet
Help Net Security reports: A group of students from Saarland University’s Center for IT-Security, Privacy and Accountability (CISPA) have discovered tens of thousands MongoDB databases accessible to remote attackers, including a couple belonging to big companies and containing personal and financial information of millions of their users. MongoDB is a popular cross-platform, document-oriented NoSQL database,…
More Than 30% of Big Merchants Are Not PCI-Compliant – Study
Jim Daly reports: Fudging the numbers about their merchants’ compliance with the Payment Card Industry data-security standard (PCI) may be a common practice by merchant acquirers if findings from a new study about payment card data security are to be believed. The study by the Merchant Acquirers’ Committee, an association of more than 500…
Is It Time for a Wall of Shame for the Education Sector?
Over the past few months, SLC Security has been noting a lot of malware and botnet activity in the education sector – problems, they say, that the entities often don’t acknowledge when SLC Security attempts to alert them to problems. Yesterday, SLC Security wrote that they were seeing traffic from: New York University -Malicious Activity Princeton University – Malicious…
Jeb Bush probably won’t be running on a privacy platform after doxxing everyone
Maybe one of the qualifications for President in the Constitution should be: “Has the common sense not to expose everyone’s personal information to the world.” T.C. Sottek reports: Jeb Bush, a rumored 2016 Republican presidential candidate, just decided to publish hundreds of thousands of emails sent to him during his time as governor of Florida….
New Mexico needs a data breach notification law, but is this the right one?
Will New Mexico finally join the ranks of states that require data breach notification or will it remain one of only three holdouts? Dan Mayfield reports that Rep. Bill Rehm has introduced a bill to require businesses to notify consumers in the event of a breach. Rehm tried to pass a similar bill last year but got pushback from…