Morrison & Foerster LLP write: Nevada’s recently amended law will, among other things, create the first state mandate to encrypt online account credentials. Specifically, on May 13, 2015, Nevada Governor Sandoval approved a bill (“AB 179”) to expand the definition of “personal information” for purposes of the state’s security breach notification and personal information safeguards…
Category: U.S.
Attorneys to argue jurisdiction in Shorter University security breach case
Northwest Georgia News has an update on a lawsuit that was filed in the wake of the theft of student records at Shorter University. The breach, disclosed in November 2014, allegedly resulted in ID theft and tax refund fraud, according to a lawsuit filed in February: The federal judge presiding over a civil lawsuit against Shorter…
Starbucks victim: ‘I had to beg and plead to get my money back’ — also, new security questions
Kudos to Bob Sullivan for staying on the Starbucks story. Today, he writes: Ryan Benharris had $200 stolen from his debit card after his Starbucks account was hijacked recently, but that’s not why he was furious at the firm. He was angry about what happened next. “I had to beg and plead to get my…
Airplane hacking panic! Why it’s a surely a storm in a teacup
There has been much media coverage of Chris Robert’s alleged claims about controlling an airplane in-flight. I haven’t bothered to link to them as they generally just re-hash what is already known and not known. But Iain Thomson got a more detailed response from those who are skeptical about Roberts’ claims: At last year’s…
Consolidated Tribal Health Project, Inc. Notifies Employees and Patients of a Data Security Compromise
From their press release: Consolidated Tribal Health Project, Inc. (“CTHP”) has become aware of a data security event involving unauthorized access by a former employee to certain CTHP systems and information maintained by CTHP. CTHP has been working to understand the nature and scope of the incident, and has engaged third-party data forensics experts to assist with its investigation. …
St. Louis Federal Reserve Suffers DNS Breach
Brian Krebs reports: The St. Louis Federal Reserve today sent a message to the banks it serves alerting them that in late April 2015 attackers succeeded in hijacking the domain name servers for the institution. The attack redirected Web searches and queries for those seeking a variety of domains run by the government entity to a Web page…