Shades of J. Edgar and dirty politics! I’m classifying this as a privacy breach and also an infosec breach as these data were supposed to be protected. Carol D. Leonnig and Jerry Markon report: The Secret Service’s assistant director urged that unflattering information the agency had in its files about a congressman critical of the service should be made public,…
Category: Of Note
Trump International Hotel & Tower Las Vegas notifying customers that malware was present in payment card system for more than one year (UPDATE 1)
Norton Rose Fulbright, a law firm representing The Trump Hotel Collection, is sending out notifications to customers who used a payment card at Trump International Hotel & Tower Las Vegas between May 19, 2014, and June 2, 2015. They write: Although an independent forensic investigation has not conclusively determined that any particular customer’s payment card information was taken…
Does the FTC really assess compliance with consent orders? If so, how well?
Add this analysis and commentary by Chris Hoofnagle to your must-read list. Assessing the Assessments When companies settle FTC charges, they often agree to extended periods of oversight by the Agency. The FTC requires companies to be regularly assessed by an outside firm during the oversight period. In my forthcoming book, I argue that this assessment…
The disappointing truth about data privacy and security
Ben Rossi writes: Cloud providers boast compliance to the highest security standards, including state-of-the art physical protection of hosting facilities, electronic surveillance and ISO 27001 certifications, to name a few. While such efforts may sound impressive, in reality they offer absolutely no defence to enterprises seeking a security model that cannot be owned, and provide…
Audit finds inadequate cybersecurity at HealthCare.gov
Ricardo Alonso-Zaldivar of AP reports that an audit by the Inspector General for Health and Human Services found serious security deficiencies in the system used to store data collected via healthcare.gov. The Obama administration said it acted quickly to fix all the problems identified by the Health and Human Services inspector general’s office. But the…
UPDATE: OPM now says more than five million fingerprints compromised in breaches
Andrea Peterson reports: One of the scariest parts of the massive cybersecurity breaches at the Office of Personnel Management just got worse: The agency now says 5.6 million people’s fingerprints were stolen as part of the hacks. That’s more than five times the 1.1 million figure the agency had cited in earlier updates after the…