Olivia Levoy of USA Today reports: The cyberattack on JP Morgan Chase & Co. first announced in July comprised information from 76 million households and 7 million small businesses, the company revealed in a filing with the Securities and Exchange Commission Thursday. Contact information, including name, address, phone number and email address, as well as…
Category: Of Note
JPMorgan Discovers Further Cyber Security Issues (UPDATED)
UPDATED: JPMorgan Chase told CNBC it was not aware of a new cyber attack on its computer network, striking down the NY Times article cited below. Original post: Jessica Silver-Greenberg and Matthew Goldstein report: For the second time in roughly three months, JPMorgan Chase is scrambling to contain the fallout from a security breach of its vast computer network,…
An FBI informant led hacks against 30 countries—now we know which ones
Dell Cameron writes: A Federal Bureau of Investigation (FBI) informant targeted more than two dozen countries in a series of high-profile cyberattacks in 2012. The names of many of those countries have remained secret, under seal by a court order—until now. A cache of leaked IRC chat logs and other documents obtained by the Daily…
California Amends Data Breach Notification Law, Does Not Require Mandatory Offering of Credit Monitoring
Andrew Hoffman writes: California Governor Jerry Brown signed into law an amendment to California’s data breach notification law on Monday. Although at least one news outlet has reported that the law requires a company to offer credit monitoring services, this interpretation is misguided. Rather, the law only places restrictions on certain companies if they choose to offer identity theft prevention and…
California strengthens breach notification and mitigation requirements (update 1)
The wait is over. Governor Jerry Brown signed AB1710 into law yesterday. The law not only requires “reasonable security procedures and practices appropriate to the nature of the [personal] information” a business owns, licenses, or maintains, but it also requires identity theft protection and mitigation services under some conditions. If notification of a breach is required,…
EPIC Urges FTC to Investigate Maricopa County Community Colleges Data Breach
Earlier this year, I reached out to the Electronic Privacy Information Center (EPIC), to encourage them to join DataBreaches.net in filing a complaint with the FTC concerning the massive data breach at Maricopa County Community Colleges District (MCCCD). I am pleased to see that they have done so, agreeing with me that MCCCD is covered by…