Mary Landesman wrote a clever commentary on how to respond to breaches. Landesman uses Goofus and Gallant from the children’s Highlights magazine to contrast different types of responses with examples drawn from two healthcare sector breaches involving the University of North Carolina. If we teach our children to emulate Gallant and not Goofus, can those…
Category: Commentaries and Analyses
Over One Billion Records Exposed According to Risk Based Security, Inc.
From the press release: The slowdown in the global economy has certainly not translated into a corresponding slowdown in criminal efforts to compromise personal information, according to Risk Based Security, Inc. The total number of records exposed during the first 9 months of 2011 is 176,385,870 compared to 88,473,589 records for all of 2010. An…
How Much Is Your Identity Worth?
This may come as a blow to the narcissists among us, but your identity isn’t worth very much these days. Indeed, you might get more using the per pound formula. Brian Krebs reports: How much does it cost for thieves to discover the data that unlocks identity for creditors, such as your Social Security number,…
Ca: Nearly 2,700 tax files downloaded on missing laptop
I’m no longer surprised when we first learn about breaches that happened years ago. Case in point: a 2006 breach in Canada is now in the media after the Canadian Press uncovered it in an Access to Information request: The confidential tax files of almost 2,700 Canadians are missing after a Canada Revenue Agency worker…
UK: What’s gone wrong at #ICO?
Stewart Room writes: If you’ve been keeping a close eye on developments at the Information Commissioner’s Office, then you will have detected a very clear trend when it comes to regulatory enforcement action. Basically, ICO has abandoned the monetary penalty and other statutory enforcement mechanisms, for “undertakings”. Read more on Stewart Room. I’m glad for…
Study finds many turn to lawsuits following a data breach
Dan Kaplan reports: More than half of American consumers would sue a company that loses its personal information, according to a survey released Wednesday by IT firm Unisys. The twice-a-year Unisys Security Index, which polled 1,000 Americans on information security concerns, found that 53 percent would take legal action in the event of a data…