If anyone doubted the FCC was serious about getting more into data breach/security enforcement, they should read this settlement with AT&T released today (pdf). From the order: 1. The Enforcement Bureau (Bureau) of the Federal Communications Commission (Commission) has entered into a Consent Decree to resolve its investigation into whether AT&T Services, Inc. (AT&T or Company)…
Category: Of Note
UK: Financial firms are responsible for data trading
Tony Hazell nails it in a column that begins: The revelation that intimate financial and medical details are being sold to firms with dubious intentions should have sent shockwaves through the financial community. But it probably will not. The Daily Mail last week revealed that financial details were being sold for as little as 5p…
Where Stolen Data Goes After Breach: An Experiment
Michael Perrault reports: Where does stolen data go after a breach? Silicon Valley-based data protection company Bitglass conducted an experiment showing that a single stolen document, with multiple data, traveled to 22 countries, was viewed 1,081 times and was downloaded 47 times over a dozen days. Some activity was connected to crime syndicates in Nigeria…
Auburn University notifying over 360,000 current and former students of breach
Oops. Auburn University discovered that students’ personal information – names, postal and email addresses, dates of birth, Social Security numbers, and students’ academic information – was exposed on the Internet between September 1, 2014 and March 2, 2015 when they discovered the problem. No financial information, bank account or payment card information was involved. While the university…
FL: Convicted felon hijacks charity – and the state can’t stop it?
Adam Walser reports that a former volunteer at the non-profit Kingdom Purpose, Teach One Reach One after-school program was allegedly able to hijack ownership of the charity by altering public information on the Florida Department of State sunbiz.org website. And there’s little the Department of State says they can do about it. The former volunteer, Sabrina Miller-White, who had been convicted on…
FTC and Wyndham Present Arguments on Whether FTC has Declared Unreasonable Cybersecurity Practices Unfair
Katherine Gasztonyi writes: On Friday, March 27, 2015, the Federal Trade Commission and Wyndham Worldwide Corp. filed supplemental briefing in the Third Circuit regarding whether the FTC had made an adjudicative decision that the FTC Act prohibits unreasonable cybersecurity practices and, if not, whether a federal court could hear a case charging a violation of the FTC Act…