Commentaries and Analyses – Page 854

Heartland breach shows why compliance is not enough

Posted on January 6, 2010 by Dissent

Jaikumar Vijayan reports: […] The [Heartland] intrusion led to the “stark realization that passing a PCI security audit does not make a company secure,” said Avivah Litan, an analyst at research firm Gartner Inc. “This was known well before the breach, but Heartland served as a big pail of ice water thrown on the face…

HHS wants contractor to test privacy of ‘anonymous’ data

Posted on January 5, 2010 by Dissent

Alice Lipowicz reports: Can personal medical data that has been stripped of its identifiers to protect privacy later be used to identify a specific person? That is the question that the Health and Human Services Department is hoping a research contractor can answer. HHS intends to hire a contractor to demonstrate either the “ability or…

Looking back on 2009

Posted on January 3, 2010 by Dissent

The breach of Heartland Payment Systems grabbed the headlines for much of the year and the entire population of Belize had their birth details stolen when a government employee left a laptop in a car, but what else went on? Your details, my friend, were blowing in the wind Although the number of breaches involving…

Cybercrooks stalk small businesses that bank online

Posted on January 1, 2010 by Dissent

Byron Acohido reports: A rising swarm of cyber-robberies targeting small firms, local governments, school districts, churches and non-profits has prompted an extraordinary warning. The American Bankers Association and the FBI are advising small and midsize businesses that conduct financial transactions over the Internet to dedicate a separate PC used exclusively for online banking. The reason:…

Breach reports decline in 2009, but what does it mean?

Posted on December 31, 2009 by Dissent

As of today’s date, breach compilations by both the Identity Theft Resource Center and Open Security Foundation indicate that there were fewer breach reports in 2009 relative to 2008. While some of the apparent decrease may be due to two sources used last year not being available online for the second half of this year,…

Massachusetts’s Highest Court Delivers BJ Wholesalers (and other Retailers) a Data Breach Liability Gift

Posted on December 23, 2009 by Dissent

David Navetta of InformationLawGroup has an analysis of the recent court decision in Cumis Insurance Society, Inc. v. B.J. Wholesale Club decision, reported here earlier this month. This blog post dives into and analyzes the Supreme Court Decision, and looks at it in context against similar decisions. Overall, in terms of issuing banks recovering for…