Jordan Robertson reports: Companies that use Amazon’s popular cloud computing service have accidentally disclosed confidential information including sales records and source code, highlighting the risks of moving sensitive data to the Web, according to new research. Rapid7, a Boston-based security firm, said in a report released today that it found more than 126 billion files…
Category: Of Note
Court Favors Bank in Fraud Dispute; Customer Had Declined Dual Authentication
More on the lawsuit and countersuit between Choice Escrow and Land Title and BancorpSouth, mentioned previously on this blog. Tracy Kitten reports: A federal court has sided with a Mississippi bank in a lingering dispute with a customer over financial losses linked to an account takeover incident dating back to March 2010. That means the bank will…
UK: Payday loans firm loses licence over identity theft loans
We don’t see this too often, but lack of adequate security costs this business its business, and the consequences were imposed by a regulator. Out-Law.com reports: MCO Capital Limited made loans in the name of 7,000 people whose identity was used by fraudsters without their permission or knowledge. The loans totalled millions of pounds and…
Data breaches in higher education
TeamSHATTER reports on data breaches in the higher education vertical throughout the United States. The past year has seen a substantial uptick in the amount of total records breached. In 2012, there was a dramatic increase in the total number of reported records affected (1,977,412), but a relatively low amount of institutions (51) that reported…
New U.S. Supreme Court Decision Will Likely Impact Data Breach Litigation
Rebecca J. Schwartz writes: On February 26, 2013, the United States Supreme Court in Clapper v. Amnesty International confirmed a demanding threshold showing for plaintiffs suing based on increased risk of harm in privacy-related. The decision effectively resolves a circuit split over the application of the Article III standing requirement in data breach cases. Plaintiffs must show that the…
Mandatory data breach notification law proposed in Canada
Nestor E. Arellano reports: With the Conservative government’s privacy reform bill sitting untouched after being introduced about two years ago, New Democractic Party MP Charmain Borg has introduced a private member’s bill that that would make it mandatory for organizations to report data breach incidents. Bill C-475, Borg’s proposed amendment to the federal Personal Information Protection and Electronics Document…