Was a hack of a U.S. retailer used to develop an ISIL hit list of American military members and government employees? According to a federal complaint unsealed today, it appears it was. From the Department of Justice: Malaysian authorities have detained Kosovo citizen Ardit Ferizi in Malaysia on a U.S. provisional arrest warrant alleging that he provided…
Category: Of Note
Australian data breach notification laws will not be passed in 2015: Brandis
Yes, let’s enact mandatory data retention laws without any companion protections or data breach notification requirements. Way to go, Australia! Chris Duckett reports: Despite the Joint Parliamentary Committee on Intelligence and Security recommending that Australia have data breach notification laws in place before the end of 2015, Australian Attorney-General George Brandis told the Senate on Tuesday that…
Three-Bill Package Makes Revisions to California’s Data-Breach Notification Statute
Brandon Johnson writes: On October 6, 2015, California Governor Jerry Brown signed into law a trio of bills that is intended to clarify key elements of the state’s data-breach notification statute and provide guidance to persons, businesses, and state and local agencies that deal with electronically stored personal information. The bills, which were passed together…
Hackers target Australian health sector, selling records for A$1,000
Beverley Head reports: Hackers are targeting the Australian health sector, with fully populated digital health records sold on the black market for up to A$1,000 each. Plans to make the personally controlled electronic health record (PCEHR) an opt-out – rather than the current opt-in regime – could significantly expand the range of targets for health hackers….
T-Mobile customers affected by the Experian breach can sign up with CSID for identity protection services
If you are a T-Mobile customer whose data was caught up in the Experian breach, there is now an alternative to the two-year offer of Experian’s ProtectMyID service. T-Mobile has made arrangements with CSID as an alternative. You can read the details and sign up at https://www.csid.com/t-mobile/ . Thanks to Steve Ragan for sharing that info with me….
No, the Experian hack did NOT go on for over two years: it happened last month
In reading a lot of the coverage of Experian’s breach affecting those who applied for T-Mobile USA accounts, I noticed that some journalists and others seemed to interpret Experian’s statement as indicating that the data were hacked/accessed over a two-year period (from September 2013 to September 2015). As I noted to a commenter earlier today,…