Joel Moreno reports: The state auditor is warning of a massive security breach caused by the government’s surplus computers. An investigation uncovered hard drives loaded with confidential information that could be plundered by identity thieves — and the problem has been going on for years. Every year, Washington state sells off 10,000 used computers as…
Category: Commentaries and Analyses
Hey “Chicken Littles,” Wyndham Doesn’t Mean the Sky is Falling
Jeff Kosseff writes: Based on the extensive news coverage of this week’s court ruling against Wyndham Hotels and Resorts in its battle with the Federal Trade Commission (FTC), one would think that the sky is falling on efforts to resist FTC enforcement actions relating to data security. Adweek wrote that the case is “a test for…
Reports of data protection breaches doubled for Welsh councils last year — BBC
BBC reports that Welsh councils had twice as many breaches in 2013 as they did in 2012. Here are their findings from the results of their FOI request: Cardiff council recorded 14 breaches including financial information about 15 employees was given to third parties and information being stolen from an employee’s car, who was later disciplined….
Hackers Lurking in Vents and Soda Machines
Nicole Perlroth reports: They came in through the Chinese takeout menu. Unable to breach the computer network at a big oil company, hackers infected with malware the online menu of a Chinese restaurant that was popular with employees. When the workers browsed the menu, they inadvertently downloaded code that gave the attackers a foothold in…
Critical crypto bug, Heartbleed, exposes Yahoo Mail, other passwords Russian roulette-style
Kudos to Dan Goodin for trying to help the public understand the significance of Heartbleed: Lest readers think “catastrophic” is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet’s Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the…
EXCLUSIVE: U.S. Info Search is responsible for notifying victims of breach, not us – Experian
Because the data were owned and controlled by U.S. Info Search, Experian says they are not responsible for notifying victims of a breach involving Court Ventures, a firm it acquired in 2012. So why does the media only have Experian’s name in the headlines? Jim Finkle of Reuters recently reported that there is a multi-state investigation…