Robert McMillan and Ryan Knutson report: A massive data breach at Yahoo AABA 1.95% in 2013 was far more extensive than previously disclosed, affecting all of its 3 billion user accounts, new parent company Verizon Communications Inc. said on Tuesday. The figure, which Verizon said was based on new information, is three times the 1…
Category: Of Note
Aetna offers immediate relief program to members affected by HIV disclosure incident
As this site noted in August, health insurer Aetna had a privacy breach when almost 12,000 members’ HIV status was unintentionally disclosed in mailing envelope windows. This week, Aetna announced it was offering immediate assistance to members affected by the breach. It’s unusual to see a breached entity offer such immediate assistance, and I think…
NC tech firm to pay $264K fine for Vermont data breach
AP reports that Vermont settled with a subcontractor for its Health Connect service after a breach in which the subcontractor didn’t – and possibly would never have – notified anyone about a breach they had been alerted to: Vermont’s attorney general says a technology company will pay a $264,000 fine for a data breach that…
Deloitte hit by cyber-attack revealing clients’ secret emails
Nick Hopkins reports: One of the world’s “big four” accountancy firms has been targeted by a sophisticated hack that compromised the confidential emails and plans of some of its blue-chip clients, the Guardian can reveal. Deloitte, which is registered in London and has its global headquarters in New York, was the victim of a cybersecurity…
California Court Weighs in on the FTC’s Data Security Enforcement Authority
Kade N. Olsen and Craig A. Newman report on a court opinion in the D-Link case – a case that addresses some of the issues also raised in LabMD vs. FTC: Yesterday, a District Court in Northern California weighed in on the U.S. Federal Trade Commission’s (FTC) authority to protect consumers from “unfair” and “deceptive”…
Did a media blackout on reporting on TheDarkOverlord allow them to mushroom in the dark?
By the end of 2016, a number of journalists and/or their employers had made an ethical decision not to report on hacks and in-progress extortion attempts by TheDarkOverlord. But did the lack of coverage enable the criminals to expand their operations without any public attention or public pressure on law enforcement to pursue them aggressively? …