Albert Gonzalez was sentenced today to 20 years in prison for the TJX hack and breaches involving retailers, a new record in sentencing for hacking.* He faced up to 25 years. He has yet to be sentenced in the Heartland Payment Systems breach, but that sentencing is expected tomorrow, and the sentences are expected to…
Category: Of Note
Addition to Washington Breach Law Imposes Retailer Liability in Payment Card Breaches
Under a Washington law effective July 1, 2010, certain entities involved in payment card transactions may be liable to financial institutions for costs associated with reissuing payment cards after security breaches. Designed to encourage the reissuance of payment cards as a means of mitigating harm caused by security breaches, Washington H.B. 1149 applies to three…
Your health, tax, and search data siphoned
Dan Goodin reports: Google, Yahoo, Microsoft’s Bing, and other leading websites are leaking medical histories, family income, search queries, and massive amounts of other sensitive data that can be intercepted even when encrypted, computer scientists revealed in a new research paper. Researchers from Indiana University and Microsoft itself were able to infer the sensitive data…
Recommended: Gonzalez Lawyers, Judges Debate Data Breach Costs
Evan Schuman writes: When two Boston-based federal judges sentence Albert Gonzalez Thursday (March 25) and Friday (March 26) for a rash of retail cyber-break-ins that he confessed to orchestrating, the exact sentence may be academic. The key legal argument is shaping up to be this question: “When a retailer is breached, what’s the most reasonable…
Western Australia’s Auditor General Finds Serious Weaknesses in Government Agencies’ Handling of Information
In his annual report on Information System Management in state government agencies, the Auditor General for Western Australia has identified serious weaknesses in the way many agencies manage their IT systems. The two-part Information Systems Audit Report, tabled in Parliament, found that government agencies were often failing to implement comprehensive controls over their IT systems…
Over 120,000 Sanoma User Credentials Stolen
Antti Vilpponen writes: Not exactly a startup news per se, but a healthy reminder to all those working with user credentials in their online services. One of the largest, if not the largest, online identity thefts has just occured (sic) in Finland. The service to be breached was Älypää, a Sanoma bought gaming site. The…