Danny Yadron reports: The holiday data breach at Target Corp. appeared to be part of a broad and highly sophisticated international hacking campaign against multiple retailers, according to a report prepared by federal and private investigators that was sent to financial-services companies and retailers. The report offers some of the first details to emerge about the source…
Category: Of Note
Tokyo ordered to pay damages to Muslim victims of privacy breach
There’s a follow-up to a breach covered previously on this site involving a data leak from the Metropolitan Police Department in Tokyo. The Tokyo District Court ordered the Tokyo Metropolitan Government to pay 90 million yen (around $860,000) in damages to 17 Muslims for the breach of privacy lawsuit they filed against the city. Around 114 documents were leaked…
Reuters sources: Other US retailers victims of cyberattacks
Jim Finkle and Mark Hosenball of Reuters report: Target Corp and Neiman Marcus are not the only U.S. retailers whose networks were breached over the holiday shopping season late last year, according to sources familiar with attacks on other merchants that have yet to be publicly disclosed. Smaller breaches on at least three other well-known…
Target update: 70 million MORE customers affected by breach (Update)
From their press release of today: MINNEAPOLIS — January 10, 2014 Target today announced updates on its continuing investigation into the recent data breach and its expected fourth quarter financial performance. As part of Target’s ongoing forensic investigation, it has been determined that certain guest information — separate from the payment card data previously disclosed —…
David Nosal sentenced; case narrowed the definition of “exceeding authorized access” under CFAA (update1)
I’ve been following the David Nosal case on this blog since April 2011, when the Ninth Circuit held that an employee who violates his employer’s computer use policy is guilty of “exceeding authorized access” to the employer’s computer under the federal anti-hacking statute, CFAA. In June 2011, Nosal filed a petition for rehearing en banc (see…
Drowning in breach reports today…
Today, HHS added 37 incidents to its public breach tool, which I’ve summarized over on phiprivacy.net (here and here). But it looks like I can’t catch a break, as the Maryland Attorney General’s Office also updated its breach tool. So here are some more breaches I did not previously know about, with links to their…