Last week, I linked to a report from Consumer Reports that contained a somewhat startling allegation by the former director of security compliance for Wyndham: Now, David Durko, former director of Wyndham’s security compliance management, says that many independently owned and operated Wyndham hotels doing business under the Super 8 brand name don’t comply with Payment…
Category: Commentaries and Analyses
Serious security flaw in OAuth and OpenID discovered
Aloysius Low reports: Following in the steps of the OpenSSL vulnerability Heartbleed, another major flaw has been found in popular open-source security software. This time, the holes have been found in the login tools OAuth and OpenID, used by many websites and tech titans including Google, Facebook, Microsoft, and LinkedIn, among others. Wang Jing, a Ph.D student…
Think ID theft is a problem here? Try protecting one billion people
CIOL has an interesting news report about improving the accuracy of national biometric IDs, as used in India’s Aadhaar program. The Aadhaar program, which I’ve blogged about occasionally over on PogoWasRight.org, collects citizens’ fingerprints or eye scans and the ID cards are used to secure benefits under state programs. So far, about 500 million people’s data…
Class action lawsuit filed against Maricopa County Community Colleges District
A law firm that had filed notices of claim against MCCCD over its 2013 breach that exposed the information of almost 2.5 million current and former students, employees, and vendors, has now filed a class action lawsuit. On Monday, April 28, 2014, Gallagher & Kennedy filed a class action lawsuit in the Superior Court of…
Port Jefferson Union Free School District IT assets not adequately secured – audit
As it has done with other school districts, the NYS Comptroller’s Office has released its audit of Information Technology for the Port Jefferson Union Free School District. The audit covered the period July 1, 2012 — August 31, 2013. Here’s a snippet from their report findings: The Board and District officials need to improve controls…
Verizon Data Breach Report: Payment-Card Theft Can Be Avoided at Little Cost
Danny Yadron reports: There were nearly 200 hacks last year of the payment systems used by retailers, hotels and restaurants. Most of them could have been prevented without spending much money, according to a new report from Verizon’s cybersecurity team. The theft of 40 million credit and debit card numbers from Target last year raised new questions…