CYBERSECURITY: Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies GAO-15-725T: Published: Jun 24, 2015. Publicly Released: Jun 24, 2015. From the highlights of a newly-released GAO report: GAO has identified a number of challenges federal agencies face in addressing threats to their cybersecurity, including the following: Designing and implementing a risk-based cybersecurity program….
Category: Of Note
Ca: Detour Gold data dump exposed over 1,300 employees’ details
Since April, DataBreaches.net has been reporting on the hack of a small Canadian gold-mining firm, Detour Gold. As noted in April, hackers who call themselves Angels_of_Truth claim to have hacked Detour Gold in revenge for Canada’s economic sanctions on Russia. Their statements have been written in both English and Russian. Following the first paste and…
Computer system that detected massive government data breach could itself be at ‘high risk,’ audit finds
Eric Yoder reports: The computer upgrade that federal officials tout as having detected — although not prevented — a massive breach of information on federal employees is itself at high risk of failure, according to a new internal audit. The independent inspector general’s office within the Office of Personnel Management is conducting a thorough review…
EXCLUSIVE: Russian hackers claim they still own Detour Gold, dump more data
Update and Correction: The hacker(s) is/are likely not Russian, but Canadian. If you’ve been employed by Detour Gold at any time since 2007, your personal information may already have been acquired and dumped by Russian hackers – including your name, date of birth, salary information, employment details, and Social Insurance Number. And if your employment…
Oregon updates and expands data breach statute
Alston & Bird write: Oregon has updated its data breach notification statute to broaden the definition of personal information that will trigger notice to individuals and add the requirement to notify the state’s Attorney General of certain breaches. Oregon Governor Kate Brown signed into law SB601 on June 10, and it was enrolled on June 15. The…
Sony Fails to Shake Data Breach Suit
Marisa Kendall reports: A federal judge ruled Monday that employees of Sony Pictures Entertainment Inc. whose personal information was exposed in last year’s data breach have standing to sue even if they can’t prove that information was used by criminals. It’s often difficult for lawyers to successfully show collective harm in data breach class actions…