Two analyses of data breaches in 2014 have been released within the past month. One is Gemalto’s annual Breach Level Index report (pdf), which is based on 1,541 breach reports resulting in 1,023,108,267 breached records. The other is Risk Based Security’s Data Breach Quick View (pdf), which is based on 3,014 incidents exposing 1,068,191,345 records. How can an analysis that…
Category: Of Note
Say What? Required contents of notice in data breach notifications
Fer O’Neil did some comparisons of state laws on the content of notices. His write-up of what he found is well worth reading. Here’s a snippet from it: The first metric I looked at was the number of states and territories that had some required content of notice. I was a little surprised that 63% (31…
Microsoft Adopts ISO/IEC 27018 For Personal Data, Privacy Protection In Public Cloud
Quinten Plummer reports: Microsoft has adopted an international standard for certifying the security of its cloud offerings, making it the first major cloud services provider to do so, the company says. The company adopted the International Organization for Standardization and International Electrotechnical Commission’s standard 27018 to certify the security of its cloud offerings, using the…
CAVIRTEX shutting down following security issues
Katherine Fletcher reports: Canadian Bitcoin exchange CAVIRTEX announced Tuesday that it is ceasing operations next month following a possible security breach. The Calgary-based company will cease trading on March 20 and stop processing withdrawals on March 25, reported the Georgia Straight. CAVIRTEX said that on Sunday, “we found reason to believe that an older version of…
Beyond Stuxnet and Flame: Equation ‘most advanced’ cybercriminal gang recorded (updated)
Charlie Osborne reports: Kaspersky Labs has discovered the “ancestor” of Stuxnet and Flame, a threat actor which surpasses everything else in complexity and technique sophistication. On Monday at the Kaspersky Labs Security Analyst Summit, the firm unveiled research concerning the existence of a cyberattack team dubbed The Equation Group. The group, which Kaspersky Lab Global…
The Target and Other Financial Data Breaches: Frequently Asked Questions
Sabrina I. Pacifici writes: The Target and Other Financial Data Breaches: Frequently Asked Questions “In November and December of 2013, cybercriminals breached the data security of Target, one of the largest U.S. retail chains, stealing the personal and financial information of millions of customers. On December 19, 2013, Target confirmed that some 40 million credit…