An investigation into the data protection practices of the Metropolitan Police – the UK’s biggest force – has exposed a litany of data breaches, with a charge-sheet that includes officers even handing information to underworld figures. In total there were 300 breaches of data protection rules at The Met between 2009 and 2013 but the…
Category: Commentaries and Analyses
In his words: How a whitehat hacked a university and became an FBI target
Sean Gallagher reports on the hack of U. Maryland that got a contractor’s former employee in hot water with the FBI: David Helkowski stood waiting outside a restaurant in Towson, Maryland, fresh from a visit to the unemployment office. Recently let go from his computer consulting job after engaging in some “freelance hacking” of a…
FTC told to disclose the data security standards it uses for data security enforcement actions
Jaikumar Vijayan reports: The Federal Trade Commission (FTC) can be compelled to disclose details of the data security standards it uses to pursue enforcement action against companies that suffer data breaches, the agency’s chief administrative law judge ruled Thursday. The decision came in response to a motion filed by LabMD, a now-defunct medical laboratory that…
Ex-Insider Sounds Alarm On Hotel And Restaurant Data Security
Last week, I linked to a report from Consumer Reports that contained a somewhat startling allegation by the former director of security compliance for Wyndham: Now, David Durko, former director of Wyndham’s security compliance management, says that many independently owned and operated Wyndham hotels doing business under the Super 8 brand name don’t comply with Payment…
Serious security flaw in OAuth and OpenID discovered
Aloysius Low reports: Following in the steps of the OpenSSL vulnerability Heartbleed, another major flaw has been found in popular open-source security software. This time, the holes have been found in the login tools OAuth and OpenID, used by many websites and tech titans including Google, Facebook, Microsoft, and LinkedIn, among others. Wang Jing, a Ph.D student…
Think ID theft is a problem here? Try protecting one billion people
CIOL has an interesting news report about improving the accuracy of national biometric IDs, as used in India’s Aadhaar program. The Aadhaar program, which I’ve blogged about occasionally over on PogoWasRight.org, collects citizens’ fingerprints or eye scans and the ID cards are used to secure benefits under state programs. So far, about 500 million people’s data…