From the summary of findings in The Criminal Division’s Laptop Computer Encryption Program and Practices, Audit Report 10-23, March 2010: Criminal Division-Owned Laptop Computers Our review found that of the 40 laptops we tested for encryption software, 10 did not have encryption, and 9 of those 10 did not have Windows passwords enabled. All of…
Category: Of Note
Reconsidering the retailers’ attempts to keep their identities secret
Over on The Tech Herald, Steve Ragan takes a somewhat more sympathetic view to J.C. Penney than I have generally taken. Steve writes, in part: Most of the media reports are painting the picture that J.C. Penney suffered a breach and did nothing. That isn’t entirely true. The company cooperated fully when asked and it…
The Supreme Court confirms a penalty of 361,208 euros on Iberia for losing passengers’ personal data
The English seems a bit awkward, but the message seems clear. It seems like it took this incident over seven years to get to Spain’s Supreme Court. The Supreme Court confirms a penalty of 361,208 euros on Iberia for losing passengers’ personal data The Supreme Court has confirmed a penalty of 361,208 euros Iberia imposed…
Organizations Rarely Report Breaches to Law Enforcement
Kelly Jackson Higgins has a column on why organizations do not rush to share information with the FBI and why the FBI wants them to share more: …. the FBI will protect victim organization’s privacy, data, and will share what information it can from its investigation, he said, rather than continue with the mostly one-way…
Federal Information Security and Data Breach Notification Laws
From Congressional Research Service: Federal Information Security and Data Breach Notification Laws Gina Stevens Legislative Attorney January 28, 2010 The following report describes information security and data breach notification requirements included in the Privacy Act, the Federal Information Security Management Act, Office of Management and Budget Guidance, the Veterans Affairs Information Security Act, the Health…
JC Penney, Wet Seal: Gonzalez Mystery Merchants
While major news sources rushed to report yesterday that Albert Gonzalez was sentenced yesterday to 20 years plus one day for the Heartland Payment Systems breach, a term to run concurrently with his other sentence, Brooklynne Kelly Peters and Evan Schuman of StorefrontBacktalk led with providing the answer to a question many of us had:…