Jamie Ross of Courthouse News reports that another lawsuit has been filed against Maricopa County Community College District (MCCCD) following a data breach it disclosed in November 2013 (search MCCCD for all previous coverage on this blog). This latest lawsuit was reportedly filed by Jason Liebich, a current student at Phoenix College. It was filed in…
Category: Commentaries and Analyses
SEC Needs to Improve Controls over Financial Systems and Data – GAO Report
Highlights from a GAO report released yesterday: Although the Securities and Exchange Commission (SEC) had implemented and made progress in strengthening information security controls, weaknesses limited their effectiveness in protecting the confidentiality, integrity, and availability of a key financial system. For this system’s network, servers, applications, and databases, weaknesses in several controls were found, as…
DOJ sends evidence preservation request to Domains by Proxy for details of CyberWarNews.info blogger
Some days, it’s not easy being a data breach researcher and citizen journalist. In time, you somewhat get used to legal threats because you published something a company took exception to, and you shrug when your site gets DDoSed by those who don’t like your criticism of their hacking activities. But when the U.S. Department of…
Half to one third of personal data in Bulgaria ‘completely compromised’
The Sofia Globe reports: The scandal in Bulgaria about illicit use of personal data by some political parties to file election registration applications has highlighted the lack of security of official personal identity numbers. Such numbers, commonly known by their Bulgarian abbreviation as EGNs, can be found on the internet, such as on lists of…
TrueCrypt audit: Probe’s nearly all the way in … no backdoor hit yet
John Leyden reports: The first phase of crowd-funded audit of TrueCrypt has turned up several vulnerabilities, but nothing particularly amiss and certainly nothing that looks like a backdoor. iSEC Partners, which was contracted to carry out the audit by the Open Crypto Audit Project (OCAP), found 11 vulnerabilities in the full disk and file encryption…
Breaking down the court’s decision in FTC v. Wyndham Worldwide
Here’s another commentary/analysis of Judge Salas’s ruling on Wyndham’s motion to dismss that is worth noting here, by the law firm of Covington & Burling: They write, in part: The FTC’s data-security authority is still in jeopardy. Although the FTC is the plaintiff in this case, it is really Wyndham that is on the offensive. If…