Jim Finkle of Reuters reports: U.S. attorneys general have launched a multi-state investigation into a breach in which criminals gained access to a repository of some 200 million social security numbers through a unit of data provider Experian Plc. “We are investigating,” said Maura Possley, a spokeswoman for Illinois Attorney General Lisa Madigan. “It’s part…
Category: Of Note
Fandango, Credit Karma Settle FTC Charges that They Deceived Consumers By Failing to Securely Transmit Sensitive Personal Information
Two companies have agreed to settle Federal Trade Commission charges that they misrepresented the security of their mobile apps and failed to secure the transmission of millions of consumers’ sensitive personal information from their mobile apps. The FTC alleged that, despite their security promises, Fandango and Credit Karma failed to take reasonable steps to secure…
Criminal steals treasure trove of info on applicants to Nevada State Bar
Criminals who broke into a State Bar of Nevada storage facility stole confidential information on an undisclosed number of applicants for the state bar examination, putting an untold number at risk of identity theft. Those affected were notified by letter dated March 17 and offered free credit monitoring for a year:The notification was submitted to…
Pointer: Senate Commerce report on Target data breach
The Senate Committee on Commerce, Science, and Transportation released its report, “A “Kill Chain” Analysis of the 2013 Target Data Breach.” The report was prepared by the majority staff for Chairman Rockefeller.
GAO: VA Needs to Address Long-Standing Challenges
Highlights from the GAO Report, “INFORMATION SECURITY: VA Needs to Address Long-Standing Challenges (GAO-14-469T): The Department of Veterans Affairs (VA) continues to face long-standing challenges in effectively implementing its information security program. Specifically, from fiscal year 2007 through 2013, VA has consistently had weaknesses in key information security control areas (see table). Control Weaknesses for…
Chicago’s Trustwave sued over Target data breach
Ooh. Trustwave has been sued for their role in the Target breach. The plaintiffs in the potential class action lawsuit are Green Bank and Trustmark Bank John Pletz reports: Although the most serious allegations are leveled at Target, the suit alleges that Trustwave failed to identify deficiencies in the retailer’s IT systems. Trustwave’s software audits companies’ IT systems…