I was reading a news story about a criminal case involving ID theft, where many of the documents with personal information may have been obtained from car burglaries, when I came across this: Police discovered about 1,000 identities along with forged documents at the two locations, prosecutors said. “Chaplin had such a large amount of…
Category: Commentaries and Analyses
Report indicates insider threats leading cause of data breaches in last 12 months
Grant Hatchimonji writes: While threats to data security and privacy are often perceived to come from the outside, all signs point to internal threats being just as dangerous, intentional or not. Forrester recently released its Understand the State of Data Security and Privacy report, which offered insight on the reasons behind data breaches, with internal…
Visa’s fines are punitive, not compensatory – Genesco
More on Genesco’s lawsuit over Visa’s fines following a data breach: Jeffrey Benzing reports that Genesco is arguing that Visa’s own internal documents show that they view breach fines as penalties and not compensatory. Genesco argues that the fines are therefore unenforceable under California law. Read more about their legal argument on Main Justice. Previous…
Opening The Flood Gates? California Voters May Create Presumption Of Harm In Privacy Breach Cases
Julian D. Perlman of BakerHostetler writes: California has moved one step closer towards amending its Constitution to create a presumption of harm whenever personal data is shared without a consumer’s express opt-in, a change that would clear a significant hurdle to many privacy breach lawsuits. On Thursday, California Secretary of State Debra Bowen approved steps…
International Data Breach Laws Are All Over The Map
Ben DiPietro reports: Laws on sharing and disclosure of data and personal information differ widely among countries, greatly complicating the compliance challenges of companies operating internationally. Read more on Wall Street Journal. As DiPietro reports, different laws also differentially impact – and may impede – forensic analysis of breaches.
Data Broker Giants Hacked by ID Theft Service
Brian Krebs has a must-read investigative piece about how ssndob.ms – an underground marketplace selling oodles of usable personal information (some of which we saw earlier this year on exposed.su) – gained access to major U.S. consumer and business data aggregators to obtain some of the data they were selling. LexisNexis, Dun & Bradstreet, Kroll…