Brian Krebs has a must-read investigative piece about how ssndob.ms – an underground marketplace selling oodles of usable personal information (some of which we saw earlier this year on exposed.su) – gained access to major U.S. consumer and business data aggregators to obtain some of the data they were selling. LexisNexis, Dun & Bradstreet, Kroll…
Category: Of Note
This hacker might seem shady, but throwing him in jail is bad for everyone
Timothy B. Lee writes: On Friday, the U.S. government filed its brief in the appeal of Andrew “Weev” Auernheimer, who was convicted of federal hacking charges for downloading hundreds of thousands of customer e-mail addresses from AT&T’s Web site. The government says the conviction was proper, but many security researchers and civil liberties advocates argue that the…
LabMD Responds to FTC Complaint: Claims Agency Lacks Enforcement Jurisdiction
Just received this press release from Cause of Action with LabMD’s response to FTC’s complaint: Cause of Action (CoA), a government accountability organization, filed an answer to an aggressive and arbitrary enforcement action brought by the Federal Trade Commission (FTC) against LabMD, a small cancer diagnosis company. CoA is defending LabMD against a complaint brought by the FTC in…
FTC complaint against LabMD could serve as guidance to businesses on data security
The Federal Trade Commission has released a provisionally redacted public version of its complaint against LabMD (PHIprivacy.net’s coverage of LabMD linked here). The complaint provides what could be useful guidance as to what types of practices the FTC considers to be problematic practices under the Act: 10. At all relevant times, respondent engaged in a number of…
Vodafone Hacker Accesses 2 Million Customers’ Banking Data
Richard Weiss reports: An intruder hacked into a Vodafone Group Plc (VOD) server in Germany, gaining access to 2 million customers’ personal details and banking information. A person with insider knowledge stole data including names, addresses, birth dates, and bank account information, the world’s second-biggest mobile-phone carrier said in a statement today. The hacker had no access to credit-card information,…
Vermont Attorney General Sorrell Requires Security Upgrades And Assesses Penalty For Security Breach Violations
Attorney General William Sorrell has reached a settlement with Natural Provisions, a grocery store in Williston, Vermont in which Natural Provisions agreed to spend $15,000 to significantly upgrade its computer security system to exceed minimum legal protections, and to pay $15,000 to the State, in addition to other injunctive relief. The settlement resolves allegations that Natural Provisions…