Elizabeth Montalbano reports: Some federal agencies that deal with highly sensitive data are not adequately protecting it from contract workers, a new Government Accountability Office (GAO) report found. The Departments of Defense (DoD), Homeland Security (DHS), and Health and Human Services (HHS) have some guidance and contract provisions in place for what data contractors can…
Category: Of Note
Is your browser being lied to? Survey says: “Maybe”
Cross-posted from PogoWasRight.org: In a year when both Congress and the FTC have been making noise about regulating online advertising, you would think that the industry would be eager to show that such regulation is not needed. Yet a new study released last week by researchers at Carnegie Mellon University’s CyLab suggests that not only…
Article: Contracts for Clouds: Comparison and Analysis of the Terms and Conditions of Cloud Computing Services
I posted this to PogoWasRight.org last week but probably should have posted it here, too: Simon Bradshaw of University of London – Centre for Commercial Law Studies, Christopher Millard of the Centre for Commercial Law Studies; Oxford Internet Institute, and Ian Walden of Queen Mary University of London, School of Law have a working paper…
Great resource: Cloutage.org
The good folks at Open Security Foundation have created a database of cloud computing incidents. The incidents are tagged as “AutoFail,” “DataLoss,” “Hack,” “Outage,” or “Vulnerability,” permitting researchers and professionals to analyze different types of incidents. As of this morning, there are 222 incidents in the database as they have backfilled some earlier incidents…
California hospital fined $250k for tardy breach notice to state (updated)
If you’re supposed to report a breach to the state of California, you’d darn well better report it in a timely fashion. HealthLeaders Media reports that Lucile Salter Packard Children’s Hospital at Stanford University has been fined $250,000 by the California Department of Public Health for failing to report a patient records breach <del>by April 23</del>. The…
Report: RBS WorldPay Hacker Gets Four Years’ Probation
Robert McMillan reports: The mastermind behind one of the biggest hacking paydays in history has been sentenced to four years’ probation and an US$8.9 million fine, according to published reports. Victor Pleshchuk, 28, was sentenced to four years’ probation on Wednesday, according to Bloomberg News. He is considered the leader of a group of criminals who…