The Identity Theft Resource Center has released its annual Aftermath study. From their press release: For the first time in 7 years, The Identity Theft Resource Center (ITRC)® can state that it is encouraged by the findings of the Identity Theft: The Aftermath 2009™. It is becoming clear that some areas of great distress in…
Category: Commentaries and Analyses
DIA official says privacy, security different for cloud
Stephen Bell reports: The government may have to make sacrifices in such treasured concepts as privacy and sovereignty, so that public sector organisations can take advantage of the “convenience” of the cloud, says a Department of Internal Affairs (DIA) project manager. Adam Stapleton is managing a project for DIA’s Government Technology Services (GTS) arm, to…
Study: One group responsible for 2/3 of all phishing attacks
The Anti-Phishing Working Group (APWG) recently released its report, Global Phishing Survey: Trends and Domain Name Use in 2H2009. From the Overview: Phishing has always been attractive to criminals because it has low start-up costs and few barriers to entry. But by mid-2009, phishing was dominated by one player as never before—the ―Avalanche‖ phishing operation….
IRS Divulges Personal Taxpayer Information
The Internal Revenue Service does not always properly authenticate the identity of taxpayers calling its toll-free assistance lines before providing them with confidential tax account information, according to a new government report. The report, by the Treasury Inspector General for Tax Administration, found that taxpayers who call the IRS-toll-free lines are at risk of having…
Verizon Business, U.S. Secret Service to Join Forces on 2010 Data Breach Investigations Report
As part of its continuing effort to better understand security breaches and how they can be prevented, Verizon is joining forces with the United States Secret Service on this year’s Data Breach Investigations Report. The 2010 DBIR, slated to be issued this summer, will feature aggregated findings from Verizon’s own caseload as well as hundreds…
Announce A Data Breach And Say It’s No Big Deal?
Evan Schuman comments on the recent Blippy breach and lessons that should be learned: Data Breach Etiquette Rule #8: The moment you announce you screwed up and exposed customers’ payment data to cyberthieves is a really bad time to lecture customers that “it’s a lot less bad than it looks” and that “it’s important to…