Chairman John D. (Jay) Rockefeller IV today released a staff report titled, “A ‘Kill Chain’ Analysis of the 2013 Target Data Breach.” The report details how Target possibly failed to take advantage of several opportunities to prevent the massive data breach in 2013 when cyber criminals stole the financial and personal information of as many…
Category: Commentaries and Analyses
GAO: VA Needs to Address Long-Standing Challenges
Highlights from the GAO Report, “INFORMATION SECURITY: VA Needs to Address Long-Standing Challenges (GAO-14-469T): The Department of Veterans Affairs (VA) continues to face long-standing challenges in effectively implementing its information security program. Specifically, from fiscal year 2007 through 2013, VA has consistently had weaknesses in key information security control areas (see table). Control Weaknesses for…
U.S. notified 3,000 companies in 2013 about cyberattacks
Ellen Nakashima reports: Federal agents notified more than 3,000 U.S. companies last year that their computer systems had been hacked, White House officials have told industry executives, marking the first time the government has revealed how often it tipped off the private sector to cyberintrusions. The alerts went to firms large and small, from local…
Maricopa County Community College District sued to compel public records production (update 1)
You may not be reading much in the news recently about the breach involving Maricopa County Community College District (MCCCD), but there’s a lot going on. Unfortunately, MCCCD has reportedly not been particularly forthcoming with records that might shed light on what really happened back in 2011 when MCCCD was informed by the FBI that…
Prosecutors Admit They Don’t Understand What Weev Did, But They’re Sure It’s Like Blowing Up A Nuclear Plant
Perhaps one of the stupidest things a prosecutor trying to defend criminal prosecution under CFAA can say is to admit that they have no understanding of what the alleged “hacker” did that made his conduct a hack or violation of CFAA. But that’s pretty much what happened in a Philadelphia courtroom yesterday during Weev’s appeal…
If you receive a breach notification letter offering you free credit monitoring….
Then Brian Kreb’s column today is a MUST READ for you. Find out what these services do – and don’t do – and what your alternatives are.