Will New Mexico finally join the ranks of states that require data breach notification or will it remain one of only three holdouts? Dan Mayfield reports that Rep. Bill Rehm has introduced a bill to require businesses to notify consumers in the event of a breach. Rehm tried to pass a similar bill last year but got pushback from…
Category: Of Note
Fearing an FBI raid, researcher publishes 10 million passwords/usernames
Dan Goodin reports: A security consultant has published 10 million passwords along with their corresponding usernames in a move he characterized as both necessary and legally risky given a legal landscape he said increasingly threatens the free flow of hacking-related information. Most of the existing corpus of passwords exposed in hack attacks is stripped of…
All in: NAIC wants all states and territories to collaborate in probe of Anthem breach
The Denver Channel reports: Members of the National Association of Insurance Commissioners want a multi-state examination of Anthem, Inc. and its affiliates, following the discovery of a cybersecurity breach at the health insurance company. […] Given the potential scope of the breach and the number of consumers affected, the NAIC said it anticipates all 56…
Anthem Breach May Have Started in April 2014
Brian Krebs reports: Analysis of open source information on the cybercriminal infrastructure likely used to siphon 80 million Social Security numbers and other sensitive data from health insurance giant Anthem suggests the attackers may have first gained a foothold in April 2014, nine months before the company says it discovered the intrusion. Read his full article on…
Altegrity Files Bankruptcy; Lost OPM contract following USIS hack
Add Altegrity to the short list of businesses that collapse following a data breach, although it may not be the consequences of the breach that were solely responsible. Since August 2014, Altegrity Inc., the government contractor principally owned by private equity firm Providence Equity Partners, has been dealing with the consequences of a cyber-attack in one of its…
Uncovering Security Flaws in Digital Education Products for Schoolchildren
Natasha Singer reports: When Tony Porterfield’s two sons came home from elementary school with an assignment to use a reading assessment site called Raz-Kids.com, he was curious, as a parent, to see how it worked. As a software engineer, he was also curious about the site’s data security practices. And he was dismayed to discover that…