Ramkumar Iyer reports: U.S. supermarket chain Supervalu Inc is investigating a potential data breach that could have affected more than 1,000 of its stores, the Wall Street Journal reported on Thursday, citing people with knowledge of the matter. The data breach appears to have taken place in late June or early July and may be…
Category: Of Note
Military Companies Brace for Rules on Monitoring Hackers
Chris Strom reports: Companies that do business with the Defense Department are bracing for new U.S. rules requiring them to report computer breaches to the Pentagon and give the government access to their networks to analyze the attacks. Groups representing the contractors are raising concern about the Pentagon rooting around their data, and say smaller…
Security breach in NIC, critical data at risk
Salkat Datta reports: A major security breach of the National Informatics Centre (NIC), which runs all the emails of senior officials and websites of all central government departments, allowed hackers to issue several fraudulent digital certificates, raising global concerns about India’s net security practices. The NIC is one of the select few authorised entities allowed…
United States Investigations Services (USIS) suffers major computer breach, officials say; DHS contractor
Ellen Nakashima reports: A major U.S. contractor that conducts background checks for the Department of Homeland Security has suffered a computer breach that likely resulted in the theft of employees’ personal information, officials said Wednesday. The company, USIS, said in a statement that the intrusion “has all the markings of a state-sponsored attack.” The breach,…
Russian Gang Amasses Over a Billion Stolen Credentials
Hold Security reports: After more than seven months of research, Hold Security identified a Russian cyber gang which is currently in possession of the largest cache of stolen data. While the gang did not have a name, we dubbed it “CyberVor” (“vor” meaning “thief” in Russian). The CyberVor gang amassed over 4.5 billion records, mostly…
NIST Unveils Security, Privacy Control Assessment Guide Draft
Anna Forrester reports: The National Institute of Standards and Technology has released a draft guidance for federal agencies, contractors and the intelligence community to evaluate the privacy and security controls used on federal information systems and information technology networks NIST said Friday that the “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans” document (SP…