On April 8, this blog published a post concerning the Court Ventures breach that questioned whether Experian was getting a bad rap for a breach that started with Court Ventures and its reciprocal data sharing agreement with U.S. Info Search. Unbeknownst to DataBreaches.net at the time, U.S. Info Search had issued a press release the…
Category: Of Note
Before you panic and change all your passwords because you’ve read dire warnings on Heartbleed….
For my non-techy, non-security professional readers: Before you panic and race around to change all your passwords because you’ve heard how serious the Heartbleed bug is as a threat to your privacy and data security, read this piece by Graham Cluley. There’s been a lot of bad advice out there, and as he notes, changing…
Critical crypto bug, Heartbleed, exposes Yahoo Mail, other passwords Russian roulette-style
Kudos to Dan Goodin for trying to help the public understand the significance of Heartbleed: Lest readers think “catastrophic” is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet’s Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the…
The Biggest Security Breach in the History of the Internet May Have Hacked All Your Information
Tom McKay reports: The news: Security researchers have identified a very, very serious security hole in one of the fundamental technologies protecting personal data all across the Internet. OpenSSL, the cryptographic software library that an estimated two-thirds of web servers worldwide use to connect with end users and guard against digital eavesdropping, has been vulnerable to hackers for…
EXCLUSIVE: U.S. Info Search is responsible for notifying victims of breach, not us – Experian
Because the data were owned and controlled by U.S. Info Search, Experian says they are not responsible for notifying victims of a breach involving Court Ventures, a firm it acquired in 2012. So why does the media only have Experian’s name in the headlines? Jim Finkle of Reuters recently reported that there is a multi-state investigation…
Federal court denies Wyndham Hotels & Resorts’ motion to dismiss FTC’s complaint
Ashkan Soltani has uploaded an important ruling in FTC v. Wyndham, a case discussed many times on this blog. The short version of the ruling is that Wyndham went 0 for 3 on its challenges to the FTC’s authority to enforce data security under the FTC Act, to enforce data security in the absence of regulations that…