Commentaries and Analyses – Page 768

Report: Some cloud providers have ‘dirty disks’

Posted on April 27, 2012 by Dissent

Brandon Butler reports: A forensic IT study by a U.K. security consultancy found that some multi-tenant public cloud providers have “dirty disks” that are not fully wiped clean after each use by a customer, leaving potentially sensitive data exposed to other users. Last year, officials at Context Information Security conducted a study to determine if…

Watchdog defends apparent discrepancies in fines for private and public sector data breaches

Posted on April 27, 2012 by Dissent

The UK’s data protection watchdog has defended its policy of issuing fines after newly released figures suggested private sector organisations are issued with disproportionately fewer fines than local Government ones. Read more on Out-Law.com.

UK: Insecure websites to be named and shamed after checks

Posted on April 25, 2012 by Dissent

Mark Ward reports: Companies that do not do enough to keep their websites secure are to be named and shamed to help improve security. The list of good and bad sites will be published regularly by the non-profit Trustworthy Internet Movement (TIM). A survey carried out to launch the group found that more than 52%…

NAFCU Letter to Reps. Boehner and Pelosi on Cyber/Data Security

Posted on April 24, 2012 by Dissent

Via CUInsight, a letter that has some recommendations many readers might agree with: April 23, 2012 The Honorable John Boehner Speaker U.S. House of Representatives Washington, D.C. 20515 The Honorable Nancy Pelosi Minority Leader U.S. House of Representatives Washington, D.C. 20515 Re: Cyber Security and Data Security Dear Speaker Boehner and Minority Leader Pelosi:\ On…

Massachusetts: state of the breach reports, 2011

Posted on April 23, 2012 by Dissent

Massachusetts has provided another update/report on data breach notifications they receive. You can access the full report (pdf) on their web site. Here are a few snippets from the report: Since the Data Security law, c. 93H, went into effect, the Office of Consumer Affairs and Business Regulation has tracked the data breach notifications it…

Why MilitarySingles.com’s denial of breach fails to convince me (updated)

Posted on April 12, 2012 by Dissent

Some breach reports really bother me. The MilitarySingles.com situation is a case in point. Despite their denial of any breach, what I saw in the two data dumps leaves me with the nagging suspicion that they were hacked. And so I contacted them again almost two weeks ago, following their last statement, to ask to…