Angel Diaz writes: Big or small, all bank accounts are susceptible to hijacking and fraudulent wire transfers. Banks ordinarily bear the risk of loss for unauthorized wire transfers. Two independent frameworks exist to govern these transfers: the Electronic Fund Transfer Act (“EFTA”) for consumer accounts, and Article 4A of the Uniform Commercial Code (“UCC”) for…
Category: Commentaries and Analyses
Quinn Norton: We Should All Step Back from Security Journalism. I’ll Go First.
Last week, Quinn Norton wrote a disturbing and thoughtful essay. Those of us who conduct research or investigate and report on breaches generally share her concerns, if not her decision to withdraw from security journalism. The Barrett Brown case, and the prosecution’s attempt to criminalize linking to publicly available data may lead others, too, to…
Boomerang continues to demonstrate how NOT to handle a possible breach
On January 13, I wrote: And for Tuesday’s edition of “How Not to Handle a Reported Breach,” we give you….. (drum roll)…. Boomerang Rentals. Although Boomerang has continued to investigate claims of a breach resulting in fraudulent charges, and have brought in a third party to assist in their investigation, they still haven’t notified consumers…
Court Rules in Favor of Breached Retailer
Tracy Kitten reports: A breached retailer has won a court ruling against its payments processor and merchant bank, setting a $500,000 cap on how much it must pay for a point-of-sale breach it suffered in late 2012. Now the processor and bank must pick up the rest of the breach-related tab. […] On Jan. 15,…
All Verizon Customer Emails Were Opened Up To Hackers Thanks To Glaring Bug
Thomas Fox-Brewster reports: US telecoms giant Verizon has had a bad couple of years from a privacy point of view, from revelations of unrestrained NSA access to its’ customers call metadata or “permacookies” that could have permanently tracked users web activity. It could do without any other embarrassment, but on Sunday a researcher revealed a glaring vulnerability related…
President Obama’s Security Breach Notification Bill Needs Work
Elizabeth H. Johnson and Lynn C. Percival IV of Poyner Spruill have their own objections to the President’s proposal for a federal data breach notification law. You can read their analysis and comments here.