Mark Davis reports: A $28 million Howard government plan to create a high-tech system to address identity crime has been plagued by technical difficulties and failed to achieve its aims, the Australian National Audit Office says. The National Document Verification Service, announced by the Coalition in 2006, is a computer network which is supposed to…
Category: Commentaries and Analyses
Criminal web forum trades in stolen social network profiles
A study from VeriSign’s cyber security watchdog iDefense has revealed a huge increase over the past year in demand for nicked social network user accounts, many of which go on to be sold internationally on the black market including over forums. Once information available on social networking is secured it is auctioned off in bulk…
Minn. audit: State was lax on data security issues
A report from Minnesota’s legislative auditor says state officials didn’t do enough to safeguard data in a system used to verify the citizenship of new employees. The state stopped using Texas-based Lookout Services Inc. last December after private data like employee birth dates and Social Security numbers were too easily accessed on the company’s website….
TJX Adds Again To Its Breach Cost, But It Doesn’t Really Matter
Evan Schuman writes: With TJX having suffered well more than $47 million in out-of-pocket expenses from its infamous data breach (announced in 2006 but beginning as early as 2003), the $20 billion retailer is preparing to write still more checks. It has now set aside another $23.5 million for additional anticipated breach costs, according to…
Cyberattack on Google Said to Hit Password System
John Markoff reports: Ever since Google disclosed in January that Internet intruders had stolen information from its computers, the exact nature and extent of the theft has been a closely guarded company secret. But a person with direct knowledge of the investigation now says that the losses included one of Google’s crown jewels, a password…
Why I Spoke Publicly About Cyber Incident
Bob Maley writes: If you have been following the blogosphere recently, you may have read that I used to be the chief information security officer for the Commonwealth of Pennsylvania, having been dismissed for speaking about security without specific permission. We won’t go into that here, but the incident begs the question if sharing about…