Remember the breach reported a few weeks ago when a Freedom of Information request uncovered that a Canada Revenue Agency employee had been mining the database to identity high-wealth individuals that she might recruit as customers for her side business? The individuals whose data were accessed were never notified of the incident because the government…
Category: Commentaries and Analyses
Credit unions report merchants are biggest source of fraud attempts
David Morrison of Credit Union Times reports some of the key results in a Flash survey conducted by the National Association of Federal Credit Unions (NAFCU) concerning fraud rates and costs credit unions have experienced in the past few years: Credit union’s responding to NAFCU’s monthly Flash survey reported that merchants were the source of…
Yet Another Proposed Federal Data Security and Breach Notification Bill: Senators Rockefeller and Pryor Jump Into the Fray
Tanya Forsheit writes: Many of us have watched over the past few years as dozens of proposed federal data security and breach notification bills have been introduced, often with bipartisan support, but have failed to become law. This year has seen many of the usual proposals. For those of you keeping track, this year’s bills…
Most attacks on federal networks financially motivated
Jill R. Aitoro reports: Most malware attacks against federal agencies are financially motivated, seeking to trick computer users into buying fake security software or providing personal information that can be used to hack into their bank accounts. Although espionage and terrorism often are considered the primary motivations for breaking into government networks, 90 percent of…
How not to address child ID theft
Over on Emergent Chaos, Adam disagrees with ITRC’s proposed Minors 17-10 Database to reduce child identity theft: …. Unfortunately, this idea is totally and subtly broken. Today, the credit agencies don’t get lists from the SSA. This is a good thing. There’s no authorization under law for them to do so. The fact that they’ve…
EMI v. Comerica: Court Finds Commercially Reasonable Security — Bank Loses Motion for Summary Judgment
David Navetta provides a legal analysis of the court’s denial of the bank’s motion for summary judgment in the case. An odd result — we know. We previously reported on the lawsuit filed by Experi-Metal, Inc. (“EMI”) and the subsequent motion for summary judgment (and briefs) filed by Comerica Bank to have the case dismissed….