Background checks are an important tool in preventing insider breaches. After Edward Snowden’s leaks became public, eyes turned to the firm that was responsible for checking his background, USIS. And now they’re in a slew of potentially very hot water: The government has intervened in a lawsuit filed under the False Claims Act against United…
Category: Of Note
Brit charged with hacking U.S. military networks
Jonathan Stempel reports: A British man has been arrested in England and charged by the United States and Britain with infiltrating U.S. government computer systems, including those run by the military, to steal confidential data and disrupt operations, authorities said. U.S. prosecutors said the alleged hacker, Lauri Love, infiltrated thousands of computer systems including those…
Update: Dept. of Energy hack affected 7.5x as many individuals as originally reported
Kudos to Mathew J. Schwartz of InformationWeek for following up on the July Dept. of Energy hack. In August, Schwartz reported that the breach involved an outdated version of ColdFusion. In September, he reported that the number affected was not 14,000 – as originally estimated by DOE – but about 53,000. Today, Schwartz calls our…
Experian Sold Consumer Data to ID Theft Service – Krebs
Regular readers will recall that back in April 2012, this blogger filed a complaint against Experian with the FTC over their numerous data breaches. Jordan Robertson of Bloomberg News provided media coverage of Experian’s breaches and the complaint in November last year. To date, however, the FTC has not announced any investigation or charges against…
Manitoba’s Private Sector Privacy Law – Similar To Alberta’s Law, But Important Differences Exist
Michael G. Fekete of Osler, Hoskin & Harcourt LLP writes: On September 13, 2013, Manitoba joined Quebec, British Columbia and Alberta by enacting provincial private sector privacy legislation. Once it comes into force, Manitoba’s Personal Information Protection and Identity Theft Prevention Act (PIPITPA) will govern the collection, use and disclosure of personal information, including that…
Mass security breach of fast food payment systems in South Africa via variant of Dexter malware (update 1)
Duncan McLeod reports: South Africa’s banks have suffered tens of millions of rand in losses due to a major breach of customer card data by criminal syndicates that infected electronic point-of-sale (POS) devices using a variant of malicious software called Dexter. It’s not known exactly how many POS devices were infected by the malware, but…