Back in February, we noted a hack involving the University of Sydney. A young hacker named “Abdilo” claimed responsibility for it and noted that he had exploited an Orsee vulnerability. Last week, Chris Howell of Honi Soit followed up on the breach: Closer to home, a reliance on security through obscurity seems to be partially responsible for…
Category: Commentaries and Analyses
China denies social security data spill
Sometimes a non-incident seems newsworthy. Today, I stumbled over this Xinhua report from April 23, responding to another report that I had never seen either, it seems: There has been no data breach of the social security network, a senior official said on Thursday following media reports. The personal information of tens of millions of…
Singapore: New Advisory Guidelines and Resources Available
The Personal Data Protection Commission of Singapore has issued new advisory guidelines and resources, particularly for SMEs. Some of them pertain to protecting electronic personal data and managing data breaches. You can access the guidelines on their site, but here are direct links to a few of them that may be of interest: Is Personal Data Safe With…
The largest cause of data security incidents is….. what?
The new BakerHostetler report on data security incidents says that human error was the largest cause of data security incidents, accounting for 36%. Their finding is consistent with the new Ponemon report that also puts employee error as the number one cause, at 39% But then you read RBS’s report on 2014 breaches where they say that 67%…
Health Industry Can’t Protect Your Records from Hackers: Report
Herb Weisbaum reports: Your medical records are a prime target for hackers and identity thieves, but the healthcare industry is not prepared to deal with a surge in data breaches, security incidents and criminal attacks, according to a new report by the Ponemon Institute released on Thursday. “Organizations in the healthcare space are not playing…
Rushed data breach notification can aid the attackers
Eric M. Friedman of Stroz Friedberg argues that rushing data breach notification may aid the criminals and cause greater harm to the very consumers we are trying to protect by notification. He writes, in part: One of the most important and time consuming tasks is scanning the massive corporate network for evidence of intrusion. These…