Tony Romm writes: Congress failed to pass a new federal law last year requiring the litany of companies affected by data breaches — from gaming giant Sony to shoe e-tailer Zappos — to notify consumers. But now some lawmakers believe they have a new route for passage: the Senate’s upcoming cybersecurity reform bill. Read more…
Category: Of Note
Data breach? Blame your third party’s remote access systems
Ellen Messmer reports: An in-depth study of data-breach problems last year where hackers infiltrated 312 businesses to grab gobs of mainly customer payment-card information found the primary way they got in was through third-party vendor remote-access applications or VPN for systems maintenance. “The majority of our analysis of data-breach investigations — 76% — revealed that the third-party responsible for…
Law enforcement targeted by hackers
There have been a number of law enforcement-related web sites hacked since last June. Some of those hacks — like those involving the Arizona Department of Public Safety, BART, International Association of Chiefs of Police, Boston Police Patrolmen’s Association, Baldwin County Sheriff’s office in Alabama, Coalition of Law Enforcement and Retail (C.L.E.A.R.), the California Statewide Law…
SLC Police Department hack: hackers delete their own files after reiterating pledge not to expose residents’ personal info
Hacktivism raises all kinds of ethical issues. In an unusual move, hackers responsible for the hack of the Salt Lake City Police Department have deleted their copies of some of the files they had acquired from the PD’s web site. In announcing the hack on Tuesday, the hackers known as Kahuna and CabinCr3w indicated that…
NYSEG and RG&E Notify Customers of Unauthorized Access to Customer Data
From NYSEG: New York State Electric & Gas (NYSEG) and Rochester Gas and Electric (RG&E), subsidiaries of Iberdrola USA, today began sending precautionary notifications to customers advising them of unauthorized access to customer data. This situation involves an employee at an independent software development consulting firm (contracted by NYSEG and RG&E) who allowed unauthorized access…
(Follow-up) Agreement Reached With Metropolitan Life Insurance Co. Over Release of Some Customers’ Personally Identifiable Information
Attorney General George Jepsen and Consumer Protection Commissioner William Rubenstein have reached an agreement with Metropolitan Life Insurance Co. to provide additional protections to the current and former customers whose personal information was made public. Information of current and former MetLife customers was part of a spreadsheet posted to the Internet by an employee of…