Joseph Menn reports: A previously unknown flaw in a recent version of Microsoft Corp’s Internet Explorer web browser is being used to attack Internet users, including some visitors to a major site for U.S. military veterans, researchers said Thursday. Security firm FireEye Inc discovered the attacks against IE 10 this week, saying that hundreds or…
Category: Of Note
Why otherwise adequate breach response plans may fail
One of the recurring themes by commenters on this blog is that they got a breach notification that offered them free credit monitoring services, but: 1. They can’t access the site they’re directed to; 2. They are alarmed that the site asks them for their personal information; and/or 3. They have no reason to trust…
Snowden Swiped Password From NSA Coworker – NSA memo
Michael Isikoff reports that although Edward Snowden has publicly denied using co-workers’ credentials to access documents he downloaded and shared with media outlets: A civilian NSA employee recently resigned after being stripped of his security clearance for allowing former agency contractor Edward Snowden to use his personal log-in credentials to access classified information, according to an…
Weather Shield employees continue to experience difficulties with IRS after data theft 3 years ago
Since April 2011, this blog has covered the continuing – and concerning – saga of Weather Shield employees who became victims of ID theft and who continue to have problems filing their tax returns, year after year. And now it’s happening again. I thought the IRS was supposedly getting its act together on helping victims of…
NI Department of Justice fined for data breach
BBC reports: Northern Ireland’s Department of Justice has been fined £185,000 for auctioning off a filing cabinet that contained personal information about victims of a terrorist attack. The locked cabinet was one of 59 sold off by the Compensation Agency in 2012. When the buyer forced it open, they found it contained documents about injuries…
Why Canada’s Privacy Commissioner and CRTC should heed PIAC/CAC’s recommendations about Bell’s “Relevant Ads Program”
This post originally appeared on PogoWasRight.org. I am cross-posting it here because I think NullCrew’s hack should inform policy decisions and public debate about a program of Bell’s that involves a lot of sharing of consumers’ personal information with “affiliates.” Bell (BCE, Bell Canada, Bell Mobility, Bell Aliant and their affiliates) believes it is engaging…