Hold Security reports: After more than seven months of research, Hold Security identified a Russian cyber gang which is currently in possession of the largest cache of stolen data. While the gang did not have a name, we dubbed it “CyberVor” (“vor” meaning “thief” in Russian). The CyberVor gang amassed over 4.5 billion records, mostly…
Category: Of Note
NIST Unveils Security, Privacy Control Assessment Guide Draft
Anna Forrester reports: The National Institute of Standards and Technology has released a draft guidance for federal agencies, contractors and the intelligence community to evaluate the privacy and security controls used on federal information systems and information technology networks NIST said Friday that the “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans” document (SP…
Appeals Court Agrees To Hear Wyndham’s Challenge To FTC
Wendy Davis reports: A federal appeals court has agreed to decide whether the Federal Trade Commission can bring charges against companies based on their alleged failure to protect consumers’ data. The court’s move comes in response to a petition filed by Wyndham Hotels, which is fighting an FTC lawsuit alleging that the hotel chain didn’t…
Delaware Adopts Law Requiring the Destruction of Consumers’ Personally Identifiable Information.
Steven Caponi and Elizabeth Sloan of Blank Rome LLP write: On July 1, 2014, Delaware Governor Jack Markell signed into law Delaware House Bill 295, which amends Section 6 of the Delaware Code relating to trade and commerce. The new law, 6 Delaware Code §§50C-101 thru 50C-401, places new obligations on commercial entities with respect…
Michaels Breach Lawsuits Dismissed
Tracy Kitten reports: A district court in Illinois has dismissed a consolidated consumer class action lawsuit seeking damages from Michaels Stores Inc. for a card breach the arts and crafts retailer suffered starting in 2013. In a 20-page ruling, U.S. District Judge Elaine Bucklo says the six plaintiffs named in the consolidated suits failed to prove that they suffered “actual economic…
Hacker Charged with Breaching Multiple Government Computers and Stealing Thousands of Employee and Financial Records
Lauri Love, 29, of Stradishall, England, was indicted yesterday by a federal grand jury in the Eastern District of Virginia on charges of conspiracy, causing damage to a protected computer, access device fraud and aggravated identity theft. According to the indictment, beginning around October 2012, Love and his conspirators accessed without authorization protected computers belonging…