Ben Worthen and Anton Troianovski report: … How Epsilon handled to the breach is representative of how companies are shifting their responses to hacking incidents. In the past, companies were typically caught off guard when a breach occurred and responses were often flat-footed, requiring updates and further clarifications to concerned customers. Now an industry of…
Category: Commentaries and Analyses
Everything Everywhere slams mandatory data breach notification law
Dan Worth reports: Mobile operator Everything Everywhere has criticised changes to UK law as part of the recent European ePrivacy Directive, which will force ISPs and telecoms firms to disclose any data breach incidents. The changes, which were brought in at the same time as new rules on cookies, will require service providers to inform…
VA: Audit: Is the City putting Richmonders’ credit card info at risk
Sandra Jones and Nick Dutton report: A new city audit finds fault with the Department of Finance’s ICVerify system and says that unless changes are made, Richmonders’ credit card information could be at risk. ICVerify, a critical system to the Revenue Administration Division, is a third party software product used to process and record customer…
Judge: Comerica must pay company hit in phishing attack
David Ashenfelter reports on a ruling in a case with potentially huge implications, EMI v. Comerica (past coverage): Comerica bank must reimburse a Sterling Heights sheet metal company $561,000 it lost in an Internet phishing attack, a federal judge has ruled in what may be the first such case nationally to be tried to a…
Petition for Rehearing Filed in United States v. Nosal, the Ninth Circuit Case on Criminalizing Violations of Computer Use Policies
Orin Kerr writes: A petition for rehearing was recently filed in United States v. Nosal, the Ninth Circuit decision holding that an employee who violates his employer’s computer use policy is guilty of “exceeding authorized access” to the employer’s computer. I have posted a copy here. I hope the Ninth Circuit grants rehearing, as I think the Nosal case…
Stephen Foley: Calm down – despite the data breaches, there’s little actual fraud on the cards
Stephen Foley comments in The Independent on the recent CitiGroup breach and tries to prevent kneejerk reactions. He writes, in part: […] There have been 288 publicly disclosed breaches of financial services companies’ computer systems, according to the Identity Theft Resource Centre, and 83 million customer records compromised. That would suggest that, even if you…