Tu-Uyen Tran reports that an audit conducted in the wake of NDUS’s breach earlier this year found major problems that went far beyond the few employees who were eventually fired: An email a stranger sent to the North Dakota University System’s computer security officer on the morning of Feb. 7 was the first sign that…
Category: Commentaries and Analyses
Should the FTC Be Regulating Privacy and Data Security?
Daniel Solove and Woodrow Hartzog write: This past Tuesday the Federal Trade Commission (FTC) filed a complaint against AT&T for allegedly throttling the Internet of its customers even though they paid for unlimited data plans. This complaint was surprising for many, who thought the Federal Communications Commission (FCC) was the agency that handled such telecommunications issues. Is…
Retailers accuse credit unions of talking smack about card breaches
Sean Gallagher reports: Reeling from the bad press associated with an ongoing parade of data breaches caused by criminal infiltration of their payment systems, representatives of six retail industry associations signed a joint open letter that pushes back against a vocal critic of retailers’ cyber-security practices—credit union associations. In the letter addressed to the presidents of…
How to spot a fake online data dump
Both Kelly Jackson Higgins and Brian Krebs had columns yesterday on a report by Allison Nixon of Deloitte on how to vet a data dump. The report should be required reading for journalists as the reputation harm that can occur by publishing or repeating false claims of a hack can be significant. While many will immediately think…
EvilToss and Sourface hacker crew ‘likely’ backed by Kremlin – FireEye
Darren Pauli reports: Russia is “likely” sponsoring a hacking outfit that targets foreign governments and security organisations, the US intelligence firm FireEye claims. “APT28”, a group operating for possibly more than a decade, has attacked governments in Georgia, Eastern Europe, as well as NATO and the Organisation for Security and Co-operation in Europe, the company…
South African firms complacent about attacks
IT-Online reports: Mobile security breaches have affected 58% of South African organisations in the last 12 months. Despite this, they are still not taking sufficient security measures to protect themselves against mobile threats, such as lost or stolen devices and malware infections. In fact, the new study from BT reveals that more than two fifths…