Note: The PCI DSS Council currently lists 346 qualified security assessors. It would be nice to know how the FTC picked the nine it’s questioning, and I’ve sent the FTC an inquiry about that. * * * The Federal Trade Commission has issued orders to nine companies requiring them to provide the agency with information on how…
Category: Of Note
Apple users targeted in first known Mac ransomware campaign
Jim Finkle reports: Apple Inc customers were targeted by hackers over the weekend in the first campaign against Macintosh computers using a pernicious type of software known as ransomware, researchers with Palo Alto Networks Inc told Reuters on Sunday. […] Palo Alto Threat Intelligence Director Ryan Olson said the “KeRanger” malware, which appeared on Friday,…
21st Century Oncology Notifies Patients of Data Security Incident
Update, March 8: A 21st Century Oncology spokesperson confirmed today to DataBreaches.net that 2.2 million patients were impacted by this breach. Note that this is the second time 21st Century Oncology learned of a data breach from federal authorities. In 2013, this site reported on an incident involving a rogue employee. That incident never appeared on HHS’s breach…
Was the company involved in FTC charges against LabMD raided by the FBI?
A business whose evidence the FTC relied upon in opening an investigation of LabMD has allegedly been raided by the FBI. It’s just the latest development in a case that has now involved the FTC, DOJ, the security of Marine One, the House Oversight Committee, and a slew of businesses who were told that their…
CFPB fines start-up Dwolla $100,000 for misrepresenting its data security
It’s not just the FTC looking at your security and your representations to clients about the security of your product. While the FTC recently settled charges against Henry Schein Practice Solutions for advertising a Dentrix product as providing “encryption” when it didn’t, the Consumer Financial Protection Bureau is also taking aim at companies that mislead consumers about security,…
Bailey’s notifies 15,000 online customers of payment card breach
It’s not enough I come across a payment card breach notification with a lot of detail, so I was surprised to read a notification of an e-commerce breach from Bailey’s to the Oregon Attorney General’s Office that provided so much information. Look at the first few paragraphs of the timber harvest gear firm’s notification. It includes the date…