Commentaries and Analyses – Page 797

Average insurance cost per data breach rises to $3.7M: Study

Posted on October 9, 2012 by Dissent

Mike Tsikoudakis reports: The average insurance cost per data breach incident increased sharply from $2.4 million in 2010 to $3.7 million in 2011, according to a new NetDiligence study released Tuesday. Based on insurance claims that were submitted in 2011 for incidents that occurred from 2009 to 2011, the average number of records exposed decreased…

The City of Tulsa’s costly screw-up

Posted on October 2, 2012 by Dissent

The saga of the City of Tulsa hack-that-wasn’t-a-hack fascinates me and would be funny if it wasn’t such a costly foul-up. While the city’s IT manager is on paid administrative leave, Ian Silver of Fox23 provides some additional details , most notably: To their credit, the city had hired SecurityMetrics 18 months ago to periodically…

Police shed light on Japan’s black market for personal info

Posted on September 30, 2012 by Dissent

I just read an interesting news piece related to the previous blog entry on the black market sale of personal information in Japan. It seems that Japan’s personal information protection law which went into effect in 2005 created the market, and one group made almost $11 million using employees of numerous companies to provide the…

The staggering cost of a data breach

Posted on September 28, 2012 by Dissent

Occasionally, I check Global Payments’ site for information on what their breach(es) last year cost them. Here’s what they reported in their SEC 10-K/A filing today: For the year ended May 31, 2012, we have recorded $84.4 million of expense associated with this incident. Of this amount, $19.0 million represents the costs we have incurred…

RiteAid mobile app left customer prescription history vulnerable – customer

Posted on September 27, 2012 by Dissent

Cross-posted PHIprivacy.net: When Michael Ramirez recently used RiteAid’s mobile app to check on a prescription, he never expected to be able to access other customers’ names, addresses, and prescription records. But he was able to, and now Ramirez, a computer scientist working for the Navy’s Space and Naval Warfare Systems Command in Charleston, is going…

Hacktivism skews security trend analysis

Posted on September 24, 2012 by Dissent

The re-emergence of the hacktivist movement appears to have thrown a spanner in the works for those in the InfoSec industry charged with data breach trend analysis. There has been a series of massive data breaches over the last 16 months – each of which compromised more than a million identities. During the same time,…