Commentaries and Analyses – Page 721

UK: Customer data loss soars at financial firms

Posted on August 25, 2014 by Dissent

Tessa Norman reports: The number of customer data loss incidents reported to the FCA [Financial Conduct Authority] has increased significantly in the past year. A Freedom of Information request published by the FCA shows that in 2013, the regulator was notified of 13 incidents where firms have lost customer data or had it stolen. Some…

Colleges and universities among highest risk for data breaches

Posted on August 21, 2014 by Dissent

David Weldon writes: While retailers and healthcare organizations have dominated much of the data breach media attention in recent weeks, a new study finds that the nation’s colleges and universities are at even greater risk for cyberattacks. In an email to FierceCIO, the security firm BitSight Technologies shared highlights of its new research report, “Powerhouses and…

The FTC’s Controversial Battle To Force Companies To Protect Your Data

Posted on August 21, 2014 by Dissent

Kashmir Hill writes: Hacker conference Defcon has a long tradition of playing “spot the fed,” a game that involves outing government types who attend under the radar to learn about the latest hacking tricks and those who are expert at developing them. There was little challenge in the game this August when it came to…

Heartbleed Not Only Reason For Health Systems Breach

Posted on August 21, 2014 by Dissent

Community Health Systems’ bad patching practices are nothing compared to its poor encryption, network monitoring, fraud detection, and data segmentation, experts say. Read more on Dark Reading. If HHS wants to go after CHS, this article certainly lays out the technical security safeguards that may not have been in place.

Hacking Exposed 78% Of All Records Compromised In First Half Of 2014

Posted on August 20, 2014 by Dissent

RiskBased Security reports: We are pleased to release our Data Breach QuickView report that shows that 2014 is on pace to replace 2013 as the highest year on record for exposed records, and the recently reported exposure of 1.2 billion email addresses and user names has not been included. The 1331 incidents reported during the first half…

Is your firm violating the Data Protection Act or begging for a hack of its Twitter account? (updated)

Posted on August 20, 2014 by Dissent

ThreeUK, who claim to have a 45% share of all mobile traffic in the UK, has a social media presence on Facebook and Twitter. They also have a dangerous practice of requesting customers provide personal details such as full name, phone number, postcode, and date of birth via direct messages (DM) to their support team, e.g.,…