It appears that Maricopa County Community College District (MCCCD) is doubling down on trying to throw employees under the bus in the wake of its 2013 breach affecting 2.5 million. According to a web site created by the attorney for the employees: The MCCCD Administration is accusing Mr. Corzo of not doing a job that wasn’t his…
Category: Commentaries and Analyses
FERPA does not require data breach disclosure
Over on PogoWasRight.org, I’ve recapped the U.S. Education Department’s responses to privacy complaints filed by parent and students under the Family Educational Rights and Privacy Act (FERPA). In going through the data provided to EPIC in response to their Freedom of Information Act request, I noted that in a few cases, the Family Policy Compliance…
Aloha point-of-sale terminal, sold on eBay, yields security surprises
Breaches involving point of sale (POS) systems in retail stores and the hospitality sector are all-too-common, and Aloha POS has been mentioned on this blog in some past breaches. Now Jeremy Kirk reports: Matt Oh, a senior malware researcher with HP, recently bought a single Aloha point-of-sale terminal — a brand of computerized cash register…
Mark your calendars: House Oversight hearing on FTC Section 5 Authority
The House Committee on Oversight and Government Reform will be holding a hearing next Thursday morning, July 24: The Federal Trade commission and Its Section 5 Authority: Prosecutor, Judge, and Jury No details are available yet as to who the witnesses will be, so check back next week. Those interested in the topic may wish…
22.8 million New Yorkers’ personal records exposed
AP reports: Nearly 23 million private records of New Yorkers have been exposed in data security breaches reported by more than 3,000 businesses, nonprofits and governments over the past eight years, New York’s attorney general reported. Deliberate hacking was responsible for 40 percent of the 5,000 incidents, which exposed a majority of the records, followed…
SingPass breach: time for government agencies to take security more seriously
Alfred Siew reports: Perhaps the worst thing that can happen after the recent SingPass security breach is to assume it cannot happen again. This idea that everything is working fine is foolhardy, after news last week that three of the 1,560 compromised SingPass accounts were used to apply for work permits. Thus it’s disappointing to hear the government saying there are no…