Earlier this year, I reached out to the Electronic Privacy Information Center (EPIC), to encourage them to join DataBreaches.net in filing a complaint with the FTC concerning the massive data breach at Maricopa County Community Colleges District (MCCCD). I am pleased to see that they have done so, agreeing with me that MCCCD is covered by…
Category: Commentaries and Analyses
We Take Your Privacy and Security. Seriously.
One of the things Brian Krebs and I seem to have in common is that you don’t want to have to send either of us a breach notification letter. Brian writes of his own recent experience with Cox, who wrote to him and 51 other customers: “On or about Aug. 13, 2014, “we learned that one…
Security Breach Puts Altegrity’s Integrity And Liquidity On The Line
Kate Marino reports: Hackers have claimed some high-profile corporate victims over the last year, with household names like Target and Home Depot typically reaping the lion’s share of media attention. Cyber attacks represent a growing threat to the business world, and their fallout could cost the global economy as much as $3 trillion by 2020, according to a McKinsey & Co….
Bash bug: Shell Shocked yet? You will be … when this goes WORM
Darren Pauli reports: Much of the impact of the Shell Shocked vulnerability is unknown and will surface in the coming months as researchers, admins and attackers (natch) find new avenues of exploitation. The vulnerability, coined Shell Shocked by researcher Robert Graham, existed in the Bash command interpreter up to version 4.3 and affected scores of servers,…
Operation Harkonnen Malware disguised as ‘harmless Adware’
Michael Shuff reports: Further details are emerging today of the methods used in the massive and long-lasting Operation Harkonnen cyber attack (‘Harkonnen Hack’) methodology that has allegedly exposed the data of 300 leading European organisations since 2003. The victims of the German gang thought to be responsible include banks, government organisations and major corporations, most…
Ca: Employer liability for privacy breaches by employees
Daniel Mayer writes: A class action was recently allowed to proceed in Ontario against a major bank after one of its employees admitted to accessing and disclosing to third parties confidential information of the bank’s customers. While this case is not a final decision as to whether the bank was actually liable for its employee’s…