Commentaries and Analyses – Page 746

Pennsylvania on data breach – shoot first, ask questions later

Posted on May 10, 2013 by Dissent

Blaine Kimrey of Lathrop & Gage LLP has a commentary on a breach notification law that passed the PA Senate. As noted previously on this blog, the bill extends existing data breach notification responsibilities to state agencies, but also requires notification of those affected within seven days. Kimrey writes: After a series of embarrassing governmental…

Lessons from EDRM/FERC/Enron Data Privacy Breaches (updated)

Posted on May 3, 2013 by Dissent

Thanks to Joe Howie of BeyondRecognition.net for alerting me to what appears to be a very long-running, inadequately remedied breach that has exposed – and may be continuing to expose – the Social Security numbers and other personal information of thousands of people. I am posting this with some hesitation, as the data may still…

Why LivingSocial’s 50-million password breach is graver than you may think

Posted on April 29, 2013 by Dissent

Dan Goodin critiques LivingSocial’s statements about the security of their passwords, noting how using SHA1 hashed passwords is not a particularly strong method, even though salting the passwords helps. Read his coverage on Ars Technica.

When, oh when, will people stop leaving unencrypted laptops in their cars?

Posted on April 25, 2013 by Dissent

OptiNose US Inc. has been notifying some of its consultants that their names and Social Security numbers were on a laptop stolen from an employee’s car. The laptop was stolen on March 26 in a Philadelphia suburb, and OptiNose started sending out notification letters on April 16. The letter did not inform recipients that the…

‘Hacker’ convicted by US court despite never hacking

Posted on April 25, 2013 by Dissent

Matt Brian has an interesting take on the conviction of David Nosal, which I reported yesterday on this blog: After more than a year of bouncing between appeals courts, the hacking case involving David Nosal has ended with a conviction. Wired reports that Nosal was yesterday found guilty of conspiracy, stealing trade secrets, and violating the Computer Fraud and Abuse…

CA: Government data breached thousands of times in last decade, documents say

Posted on April 24, 2013 by Dissent

Jordan Press reports: The federal government has seen more than 3,000 data and privacy breaches over the past 10 years, breaches that have affected more than 725,350 Canadians, according to documents tabled in Parliament on Tuesday. The responses from departments, given to the New Democrats in response to an order paper question, also show that…