Mathew J. Schwartz reports: Many companies that look to process and store sensitive data — including intellectual property — abroad as a cost-cutting measure are seeking countries with minimal data breach notification requirements, according to a survey of 1,000 senior IT decision makers by market research firm Vanson Bourne. The survey was sponsored by Intel’s…
Category: Of Note
And the hits just keep on coming for Epsilon
Note: CBS reports that the Secret Service is investigating the Epsilon breach. If you receive a phishing attempt that you want to report to the Secret Service, email [email protected]. You can also file a report at http://www.ic3.gov/default.aspx. I’ll add businesses to the list of affected customers as I become aware of them, so check back if…
A Rash of Third-Party Data Breaches Takes a Toll on Businesses and Customers (update2)
Last month I reported that both Play.com and Maine’s Dept. of Conservation had been hit by breaches at their third-party vendors. Game Show Network (GSN) customers were also notified of a breach at a third-party vendor, but I didn’t report it at the time because I was trying to get confirmation from the company whether the…
When it comes to compiling breaches, more is better
As announced by the good folks at DataLossDB.org today, I’ve agreed to work with them in terms of maintaining and developing their database. DataBreaches.net and PHIprivacy.net will continue as they always have, but expect to see more breaches show up in DataLossDB in a timely fashion and expect to see more backfilling over time and…
Briar Group restaurant chain to pay $110K for data security breach; must comply with PCIDSS
Jenn Abelson reports: The Briar Group LLC, which runs Ned Devine’s, the Green Briar, The Lenox, and other popular restaurants, has agreed to pay $110,000 to resolve allegations that the Boston chain failed to take reasonable steps to protect diners’ personal information and put at risk tens of thousands of credit and debit card information….
McAfee and SAIC survey: Companies pick and choose which data breaches to report
Ellen Messmer reports: One in 7 information technology companies have not reported data breaches or losses to outside government agencies, authorities or stockholders. In addition, only 3 out of 10 said they report all data breaches and losses suffered related to intellectual property, while 1 in 10 organizations will only report data breaches and losses…