I just read an interesting news piece related to the previous blog entry on the black market sale of personal information in Japan. It seems that Japan’s personal information protection law which went into effect in 2005 created the market, and one group made almost $11 million using employees of numerous companies to provide the…
Category: Commentaries and Analyses
The staggering cost of a data breach
Occasionally, I check Global Payments’ site for information on what their breach(es) last year cost them. Here’s what they reported in their SEC 10-K/A filing today: For the year ended May 31, 2012, we have recorded $84.4 million of expense associated with this incident. Of this amount, $19.0 million represents the costs we have incurred…
RiteAid mobile app left customer prescription history vulnerable – customer
Cross-posted PHIprivacy.net: When Michael Ramirez recently used RiteAid’s mobile app to check on a prescription, he never expected to be able to access other customers’ names, addresses, and prescription records. But he was able to, and now Ramirez, a computer scientist working for the Navy’s Space and Naval Warfare Systems Command in Charleston, is going…
Hacktivism skews security trend analysis
The re-emergence of the hacktivist movement appears to have thrown a spanner in the works for those in the InfoSec industry charged with data breach trend analysis. There has been a series of massive data breaches over the last 16 months – each of which compromised more than a million identities. During the same time,…
Debate heats up in Oz over data liability
Hamish Barwick reports: The call for mandatory data breach notifications and potential legal proceedings against enterprises who fail to protect customer data has become a little louder in Australia, according to the findings of a new survey. The report, entitled Australian Consumer Data Survey 2012, which was conducted for iSeek Communications in July 2012 with…
AU: Schools clueless about IT security, reveals study
Byron Connolly reports: Almost one in two Australian secondary and tertiary schools do not have an IT security awareness program in place and alarmingly, 53 per cent didn’t know what information was taken during a data breach, according to a study commissioned by Symantec.cloud. The study asked around 500 teachers and administration staff at 168…