Salkat Datta reports: A major security breach of the National Informatics Centre (NIC), which runs all the emails of senior officials and websites of all central government departments, allowed hackers to issue several fraudulent digital certificates, raising global concerns about India’s net security practices. The NIC is one of the select few authorised entities allowed…
Category: Of Note
United States Investigations Services (USIS) suffers major computer breach, officials say; DHS contractor
Ellen Nakashima reports: A major U.S. contractor that conducts background checks for the Department of Homeland Security has suffered a computer breach that likely resulted in the theft of employees’ personal information, officials said Wednesday. The company, USIS, said in a statement that the intrusion “has all the markings of a state-sponsored attack.” The breach,…
Russian Gang Amasses Over a Billion Stolen Credentials
Hold Security reports: After more than seven months of research, Hold Security identified a Russian cyber gang which is currently in possession of the largest cache of stolen data. While the gang did not have a name, we dubbed it “CyberVor” (“vor” meaning “thief” in Russian). The CyberVor gang amassed over 4.5 billion records, mostly…
NIST Unveils Security, Privacy Control Assessment Guide Draft
Anna Forrester reports: The National Institute of Standards and Technology has released a draft guidance for federal agencies, contractors and the intelligence community to evaluate the privacy and security controls used on federal information systems and information technology networks NIST said Friday that the “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans” document (SP…
Appeals Court Agrees To Hear Wyndham’s Challenge To FTC
Wendy Davis reports: A federal appeals court has agreed to decide whether the Federal Trade Commission can bring charges against companies based on their alleged failure to protect consumers’ data. The court’s move comes in response to a petition filed by Wyndham Hotels, which is fighting an FTC lawsuit alleging that the hotel chain didn’t…
Delaware Adopts Law Requiring the Destruction of Consumers’ Personally Identifiable Information.
Steven Caponi and Elizabeth Sloan of Blank Rome LLP write: On July 1, 2014, Delaware Governor Jack Markell signed into law Delaware House Bill 295, which amends Section 6 of the Delaware Code relating to trade and commerce. The new law, 6 Delaware Code §§50C-101 thru 50C-401, places new obligations on commercial entities with respect…