Eric Yoder reports: The computer upgrade that federal officials tout as having detected — although not prevented — a massive breach of information on federal employees is itself at high risk of failure, according to a new internal audit. The independent inspector general’s office within the Office of Personnel Management is conducting a thorough review…
Category: Of Note
EXCLUSIVE: Russian hackers claim they still own Detour Gold, dump more data
Update and Correction: The hacker(s) is/are likely not Russian, but Canadian. If you’ve been employed by Detour Gold at any time since 2007, your personal information may already have been acquired and dumped by Russian hackers – including your name, date of birth, salary information, employment details, and Social Insurance Number. And if your employment…
Oregon updates and expands data breach statute
Alston & Bird write: Oregon has updated its data breach notification statute to broaden the definition of personal information that will trigger notice to individuals and add the requirement to notify the state’s Attorney General of certain breaches. Oregon Governor Kate Brown signed into law SB601 on June 10, and it was enrolled on June 15. The…
Sony Fails to Shake Data Breach Suit
Marisa Kendall reports: A federal judge ruled Monday that employees of Sony Pictures Entertainment Inc. whose personal information was exposed in last year’s data breach have standing to sue even if they can’t prove that information was used by criminals. It’s often difficult for lawyers to successfully show collective harm in data breach class actions…
The OPM Hack and the New DOD Law of War Manual
Kristen Eichensehr writes: Last Friday was a big day in cybersecurity news. OPM announced that, in addition to the compromise of the personnel information of federal employees revealed on June 4, Chinese hackers also breached a database containing millions of security clearance forms. Meanwhile, on the other side of the Potomac, the Department of Defense…
BAE Systems first notifying employees of extranet site network attack in 2014
On June 4, BAE Systems Information and Electronic Systems Integration Inc. notified the New Hampshire Attorney General’s Office that they had experienced a network attack on an extranet site in 2014. Due to the nature and scope of the attack, they provided a data set to the Pentagon’s Damage Assessment Management Office (DAMO), who subsequently…