The HSBC data theft by their former employee Hervé Falciani is finally getting a lot of mainstream media attention here, with 60 Minutes doing a segment on Falciani last night (video). The computer files, which Falciani shopped to a number of governments, reveal that HSBC, one of the largest banks in the world, profited from its…
Category: Of Note
Why even strong crypto wouldn’t protect SSNs exposed in Anthem breach
Steve Bellovin explains: Another day, another data breach, and another round of calls for companies to encrypt their databases. Cryptography is a powerful tool, but in cases like this, it’s not going to help. If your OS is secure, you don’t need the crypto; if it’s not, the crypto won’t protect your data. In a case…
Health insurance giant Anthem Blue Cross and Blue Shield discloses breach that could affect tens of millions of customers and employees (Update2)
Following the disclosure by Community Health Systems in an SEC filing that they suspected Chinese hackers were responsible for the theft of 4.5 million patients’ information, the FBI sent out a “Flash” warning to alert the the healthcare sector that it was being targeted by hackers. It was the second warning they had issued in a period of a few months. In…
Report Claims Russians Hacked Sony
From the how-many-people-were-in-there dept., Mathew J. Schwartz reports: Russian hackers, using spear-phishing attacks, successfully breached the network of Sony Pictures Entertainment in November 2014, and continue to have on-demand access to Sony’s network, according to a new report from cybersecurity firm Taia Global. But it’s not clear if those hackers unleashed the malware attack and data…
The FTC’s requested budget: implications for data security enforcement cases?
I was never good with budgets, but damned if I can figure out FTC’s budget request to Congress for Fiscal 2016. Is it seeking funds to expand the number of data security enforcement cases it undertakes or is the budget based on simply maintaining the current level(s)? So when @FTC didn’t respond to my tweeted inquiry,…
FBI put Anonymous ‘hacktivist’ Jeremy Hammond on terrorism watchlist
Ed Pilkington reports: The prominent Anonymous “hacktivist” Jeremy Hammond, who participated in some of the hacking collective’s most audacious cyber acts, was placed by the FBI on a terrorism watchlist, the Daily Dot reported on Monday. The internet news website obtained a leaked document from the New York state division of criminal justice services that shows Hammond…