Commentaries and Analyses – Page 805

NZ: Telecom’s customer data open to ex staff

Posted on January 24, 2011 by Dissent

Susie Nordqvist and Hamish Fletcher report: Former employees have questioned Telecom’s security policies and one can still look up customer details despite having left his job two months ago. Andrew Rozen, who worked in a customer service role from March to November last year, checked if he could access Telecom’s Wireline database after accusations of…

Sites go offline to patch security following media coverage of data for sale

Posted on January 23, 2011 by Dissent

Robert McMillan reports: If you’re a criminal looking for full control of the Web used by the U.S. Army’s Communications-Electronics Command (CECOM), you can get it for just under US$500. At least that’s what one hacker is offering in underground forums. Security vendor Imperva found the black market sales pitch Thursday and posted details of…

Criminal finance database security worries peers

Posted on January 22, 2011 by Dissent

Alex Stevenson reports: A database monitoring 1.5 million suspicious criminal transactions may be insecure, a committee of peers has warned. The House of Lords’ EU committee backed the view of the information commissioner that access to the Serious Organised Crime Agency’s Elmer database may be too wide. The database is Soca’s main tool in identifying…

Does a data breach hurt your brand?

Posted on January 20, 2011 by Dissent

Over on The New School of Information Security, Adam has a post that those of us who report on breaches or comment on the impact of breaches need to read, and I do encourage everyone to watch the video and read his entry. The bottom line of his post is that security breaches do not…

E-mails containing malware sent to businesses concerning their online job postings

Posted on January 19, 2011 by Dissent

From the Internet Crime Complaint Center (IC3): Recent FBI analysis reveals that cyber criminals engaging in ACH/wire transfer fraud have targeted businesses by responding via e-mail to employment opportunities posted online. Recently, more than $150,000 was stolen from a US business via unauthorized wire transfer as a result of an e-mail the business received that contained malware. The…

National Breach Warning System Urged

Posted on January 17, 2011 by Dissent

Tracy Kitten writes: Forty-six states have breach-notification laws on the books, but no law is the same, and enforcement is weak. In 2011, as malicious breaches continue and the sophistication of cyberattacks increases, Foley, co-founder of the non-profit Identity Theft Resource Center, says it’s time for a national breach notification law. “This would be easier…