A former Maricopa County Community College District employee alleges executive leadership closed their eyes to a report on their database security conducted after their massive data breach in 2013 so they would have plausible deniability in any litigation. As a result, the employee alleges, the findings were never shared with those tasked with securing MCCCD’s data assets. In November…
Category: Of Note
Dropbox passwords leak: Hundreds of accounts hacked after third-party security breach (update – not Dropbox accounts)
Update: leaked login credentials claimed to be associated with Dropbox accounts are not Dropbox accounts, according to Dropbox. Rose Troup Buchanan reports: Hundreds of passwords to Dropbox accounts have been leaked in the latest security breach, with hackers threatening to release millions more account details in exchange for Bitcoin. Hackers, who were apparently able to access logins and…
Businesses should not need to publicize personal data breaches if data is encrypted, say EU ministers
Out-Law.com reports: Businesses should not need to notify consumers that their personal data has been lost or stolen if the data has been encrypted, EU ministers have said. Ministers in the Justice and Home Affairs Committee of the EU’s Council of Ministers backed the plans as part of a wider partial agreement reached last week on…
Kmart discovers it was breached in September; discloses breach in SEC filing (UPDATED)
Danny Yadron of the Wall Street Journal just tweeted that Kmart has disclosed a data breach in its SEC filing. Indeed, they have: On October 9, Kmart’s Information Technology team detected Kmart’s payment data systems had been breached and immediately launched a full investigation working with a leading IT security firm. The investigation to date indicates…
Dairy Queen update: almost 400 locations affected by Backoff malware
The Dairy Queen breach, first reported in August, is back in the news this week as more details emerged. In a statement issued yesterday, they write (emphasis added by me): International Dairy Queen, Inc. recently learned of a possible malware intrusion that may have affected some payment cards at certain DQ® locations and one Orange Julius® location…
Working Paper: Data Breaches in Europe: Reported Breaches of Compromised Personal Records in Europe, 2005‐2014
Frederik Borgesius made me aware of this paper of note: Data Breaches in Europe: Reported Breaches of Compromised Personal Records in Europe, 2005‐2014 Philip N. Howard CMDS Working Paper 2014.1 Center for Media, Data and Society School of Public Policy Central European University October, 2014 From the Executive Summary, the major findings over the past…