I haven’t read the new Javelin Strategy & Research report because it’s pricey, but their press release on it contains some of its key findings. Of note: … nearly 1 in 4 data breach letter recipients became a victim of identity fraud, with breaches involving Social Security numbers to be the most damaging. If 1 in…
Category: Commentaries and Analyses
GAO Report: Americans’ Information Not Adequately Protected by Census Bureau
Kevin Glass reports: The Government Accountability Office released a report this week with a scary conclusion: The Census Bureau, tasked with collecting personal information on every single American, has not adequately protected this data. Specifically, the GAO found, the Census Bureau is not fully prepared in cybersecurity, making Americans’ information vulnerable to hackers. Read more on TownHall.com.
Trustwave: Detection of intrusions can sometimes take two years
Dan Raywood has a piece in SC Magazine about how long it takes to detect breaches: Companies are still failing to detect data breaches and hacking incidents, with outsiders getting access and sitting on the corporate network for up to two years in some cases. According to the Trustwave 2013 global security report, organisations fail…
Looking back at 2012 Data Breaches: RBS and OSF release QuickView report
Risk Based Security and the Open Security Foundation released a report this morning, Data Breach QuickView: An Executive’s Guide to Data Breach Trends in 2012. The report summarizes some of the major statistics for 2012, based on analysis of the incidents compiled in OSF’s DataLossDB. As most readers know by now, I am involved in…
Do Merchants That Outsource Payment Processing Still Have Risk From a Breach?
Craig Hoffman writes: Last week a small New England bakery announced that its point-of-sale (POS) devices were infected with malware that may have put card data at risk. The bakery’s letter to its customers stressed that it did not store card data on its computer systems, but the malware allowed an unauthorized person to gather card data as the…
How not to explain a breach, Sunday edition
I came across a media report on what appears to be a breach involving card numbers of guests and employees of Island Resort & Casino in Michigan. But was it their breach or not? Read the casino’s statement: We would like to address the many rumors that are in circulation regarding the harvesting of credit/debit…