Emma Woollacott reports: The Securities and Exchange Commission (SEC) has ordered companies to disclose security breaches, following a year in which several organizations have been criticized for revealing details late, if at all. “Cyber incidents may result in losses from asserted and unasserted claims, including those related to warranties, breach of contract, product recall and…
Category: Commentaries and Analyses
Social Security kept silent about private data breach
Thomas Hargrove writes: The Social Security Administration has failed to inform tens of thousands of Americans that it accidentally released their names, dates of birth and Social Security numbers in an electronic database widely used by U.S. business groups. The federal agency has kept silent about a potentially harmful security breach of the personal data…
Hacker attacks against retailers up 43 percent
Angela Moscaritolo reports: Hacks targeting the retail sector have increased 43 percent since last year, largely due to an increase in SQL injection and the use of exploit toolkits, according to researchers at Dell SecureWorks. During the first nine months of 2011, Dell SecureWorks blocked an average of 91,500 attacks per retailer, compared to 63,651…
Some days, I pull my hair out, Thursday edition
Everywhere I look, there are data breaches that I would want to include in DataLossDB.org’s database. But as I backfill the database to include incidents reported on my blogs that were never in the database, my research stumbles over tons of other breaches that should also be included. Rather than getting closer and closer to…
The biggest companies fail and own it
Over on CSO, Bill Brenner writes: No matter how rigorous the audit, chances remain high that a company will still suffer a security breach. The bad guys are always at work and it’s hard to keep up with them. If and when that kind of failure happens, the key to bigger failure or success is…
GAO: Federal network security breaches spike 650 percent
Aliya Sternstein reports: Reports of network security incidents at federal agencies have soared 650 percent during the past half-decade, jeopardizing the confidentiality and integrity of sensitive government information, federal auditors charged in a congressionally mandated report. The most prevalent types of cyber events included infections from malicious code — 30 percent of incidents; violations of…