Over on The Tech Herald, Steve Ragan takes a somewhat more sympathetic view to J.C. Penney than I have generally taken. Steve writes, in part: Most of the media reports are painting the picture that J.C. Penney suffered a breach and did nothing. That isn’t entirely true. The company cooperated fully when asked and it…
Category: Of Note
The Supreme Court confirms a penalty of 361,208 euros on Iberia for losing passengers’ personal data
The English seems a bit awkward, but the message seems clear. It seems like it took this incident over seven years to get to Spain’s Supreme Court. The Supreme Court confirms a penalty of 361,208 euros on Iberia for losing passengers’ personal data The Supreme Court has confirmed a penalty of 361,208 euros Iberia imposed…
Organizations Rarely Report Breaches to Law Enforcement
Kelly Jackson Higgins has a column on why organizations do not rush to share information with the FBI and why the FBI wants them to share more: …. the FBI will protect victim organization’s privacy, data, and will share what information it can from its investigation, he said, rather than continue with the mostly one-way…
Federal Information Security and Data Breach Notification Laws
From Congressional Research Service: Federal Information Security and Data Breach Notification Laws Gina Stevens Legislative Attorney January 28, 2010 The following report describes information security and data breach notification requirements included in the Privacy Act, the Federal Information Security Management Act, Office of Management and Budget Guidance, the Veterans Affairs Information Security Act, the Health…
JC Penney, Wet Seal: Gonzalez Mystery Merchants
While major news sources rushed to report yesterday that Albert Gonzalez was sentenced yesterday to 20 years plus one day for the Heartland Payment Systems breach, a term to run concurrently with his other sentence, Brooklynne Kelly Peters and Evan Schuman of StorefrontBacktalk led with providing the answer to a question many of us had:…
Student loan company: Data on 3.3M people stolen
From the Associated Press: A company that guarantees federal student loans said Friday that personal data on about 3.3 million people nationwide has been stolen from its headquarters in Minnesota. Educational Credit Management Corp. said the data included names, addresses, Social Security numbers and dates of birth of borrowers, but no financial or bank account…