Karin Spaink provides an English summary of a news story on education sector breaches in the Netherlands: The teachers union (Algemene Onderwijsbond) researched how often student information is accessible via Google. They found quite a lot: list of home addresses, student reports, progress reports, assessment reports. The union notified all the universities, faculties and training…
Category: Commentaries and Analyses
The Cost Of A Breach, Heartland Style: At Least $129 Million; Might Be $229 Million
Evan Schuman comments: In its latest financial report, Heartland Payment Systems reported that it dropped $129 million on data breach costs last year (an incident that briefly placed Heartland on Visa’s Bad Breach Boy list). The company added that it still has a reserve of $100 million for additional expenses. As a processor, Heartland’s pain…
HHS starts to reveal healthcare breaches reported to government
When HITECH was passed as part of the stimulus bill, it introduced new data breach notification requirements, including a requirement that breaches of unsecured personal health information held by covered entities or their business associates affecting more than 500 individuals be reported to the U.S. Department of Health & Human Services. The requirement was somewhat…
Customer Vs. Bank: Who is Liable for Fraud Losses?
Linda McGlasson writes: At first this court case was a curiosity: Experi-Metal Inc. (EMI), a Michigan-based metal supply company, sued Comerica Bank, claiming that the bank exposed its customers to phishing attacks. But now this story shapes up as a significant test case for the banking industry, raising several key questions that must be answered…
Employee Misuse of Computer Access Ruled Not a Crime
Mary Pat Gallagher reports: Using a password-accessed workplace computer in violation of company rules or policies may get you disciplined, but it’s not enough to be prosecuted in New Jersey, says a Mercer County judge in a published case of first impression. Superior Court Judge Mitchel Ostrer threw out an indictment against Princeton Borough police…
Credit card data security: Who’s responsible?
By Phil Lieberman, president & CEO, Lieberman Software, and Henry Helgeson, co-CEO, Merchant Warehouse, Network World About a year ago security at Heartland Payment Systems Inc. was breached and information affecting more than 100 million credit cards stolen. Was it Heartland’s fault, or should the credit card companies shoulder more of the responsibility? The experts:…