Brian Krebs writes: In October 2013, KrebsOnSecurity published an exclusive story detailing how a Vietnamese man running an online identity theft service bought personal and financial records on Americans directly from a company owned by Experian, one of the three major U.S. credit bureaus. Today’s story looks deeper at the damage wrought in this colossal misstep by one…
Category: Commentaries and Analyses
No consensus on notifying victims of data breaches, but I have a few thoughts
Eric Tucker of Associated Press reports: The data breach at Target Corp. that exposed millions of credit card numbers has focused attention on the patchwork of state consumer notification laws and renewed a push for a single national standard. Most states have laws that require retailers to disclose data breaches, but the laws vary wildly….
Behind The Scenes—What One Major University Learned After A Data Breach
Jeanne Price of idRADAR interviewed a University of Maryland spokesperson about their recent breach. The interview provides a nice insider’s perspective on breach response, and you may wish to read it all here. Perhaps the most startling revelation was this one: UMD did not have a data breach crisis plan in place before the event,…
NY: Audit of Frontier Central School District finds inadequate security and policies for mobile devices
An audit of Frontier Central School District by the Office of the New York State Comptroller was released yesterday. The audit covered the period July 1, 2010 — August 22, 2013 and included audit of mobile device use and security. As background: there are six schools in operation within the District, with approximately 5,100 students and 1,000 employees. The…
How the feds brought down a notorious Russian hacker
Donna Leinwand Leger and Anna Arutunyan report: Sasha Panin called himself “Gribodemon,” and his evil works in the world of cybercrime have bedeviled millions. Panin is a 20-something Russian computer whiz who until a few years ago lived in obscurity with his grandmother in this struggling riverside city. Working from a Moscow apartment, federal prosecutors…
Weds: House Financial Services subcommittee to hold hearing on data breaches
Julian Hattem reports: Data security will be back in the spotlight on Wednesday, when a House Financial Services subcommittee hears from top law enforcement, consumer advocacy and industry experts. The hearing will be the fifth Congress has held since Target revealed late last year that a hacker had stolen millions of users’ information during the…