I’ve been following the David Nosal case on this blog since April 2011, when the Ninth Circuit held that an employee who violates his employer’s computer use policy is guilty of “exceeding authorized access” to the employer’s computer under the federal anti-hacking statute, CFAA. In June 2011, Nosal filed a petition for rehearing en banc (see…
Category: Of Note
Drowning in breach reports today…
Today, HHS added 37 incidents to its public breach tool, which I’ve summarized over on phiprivacy.net (here and here). But it looks like I can’t catch a break, as the Maryland Attorney General’s Office also updated its breach tool. So here are some more breaches I did not previously know about, with links to their…
Hacker backdoors Linksys, Netgear, Cisco and other routers
Richard Chirgwin reports: The new year begins as the old year ended: with yet more vulnerabilities turning up in consumer-grade DSL modems. A broad hint for any broadband user would be, it seems, to never, ever enable any kind of remote access to the device that connects you to the Internet. However, the hack published…
This was all too predictable…
Remember how I posted about how some frustrated researchers at Gibson Security had gone public with a SnapChat vulnerability that the firm allegedly hadn’t addressed? Well, now it seems 4.6 million SnapChat users’usernames and phone numbers have been leaked.
Accretive Health Settles FTC Charges That It Failed to Adequately Protect Consumers’ Personal Information
From the FTC, a follow-up on a breach that was first disclosed in September 2011, and that I’ve covered a number of times on PHIprivacy.net (see these articles). Regular readers may recall that Accretive was also sued by Minnesota’s Attorney General. That suit settled for $2.5 million in July 2012. Accretive Health, Inc., a company that…
The Briar Group discloses security breach affecting eight Boston bars and restaurants (updated)
Uh oh. NECN reports: A Boston restaurant group is letting patrons know that its computer systems were breached. The Briar Group, or BRG, says someone had unauthorized access to card data at the restaurants between October and early November. Diana Pisciotta, a spokesperson for the group, says they have been working on identifying the source…