Derek Bambauer writes: It’s the most wonderful time of the year… for data breaches.Target may have compromised as many as 40 million credit and debit cards used by shoppers in their stores. What liability will they face? At George Mason’s excellent workshop on cybersecurity, there was a spirited debate over the mechanisms of enforcing security standards. (This…
Category: Commentaries and Analyses
There are lessons to be learned from the Maricopa County Community Colleges breach. Learn them, dammit.
I generally do not write “lessons learned from [X breach] ” posts, because I seriously doubt people have really learned anything. Instead of headlines like “Lessons learned from…,” what we should be writing is, “If you don’t learn from this, then you’re an idiot and should never be allowed near consumers’ personal information.” In any…
From my mail bag…
Cross-posted from phiprivacy.net: Over on DataBreaches.net, a number of people are reporting that they have received notification letters for the Maricopa Community Colleges breach, but that they’ve never attended the college and have no idea why they’re receiving letters. Today, I got an email about a breach reported on this site (phiprivacy.net). I’m redacting it, but…
Ranking Members Waxman and DeGette Release Memo on Healthcare.gov Security
Over on beSpacific, Sabrinia Pacifici writes: “Today Energy and Commerce Committee Ranking Member Henry A. Waxman and Oversight and Investigations Subcommittee Ranking Member Diana DeGette released a memo to Democratic Committee members regarding the security of Healthcare.gov. In a classified briefing two days ago, HHS officials revealed that there have been no successful security attacks…
IG: Personal Information Stolen from 104,179 after Energy Department Cyber Attack
Elizabeth Harrington reports on a newly-released Inspector General’s report on the hack at the Department of Energy previously covered on this blog. Some of the highlights: The Energy department was aware of “early warning signs” that personally identifiable information (PII) of its employees was at risk. The attackers used exploits commonly available on the internet…
National American University students’ financial information exposed, but what laws protect them?
Joe O’Sullivan reports: When National American University moved from one Rapid City campus to a new location earlier this year, the school or a contractor appears to have improperly disposed of thousands of sensitive student financial records that included names, addresses, loan numbers and Social Security numbers, according to documents reviewed by the Rapid City…