Jordan Robertson reports yet another worrying aspect to the newly disclosed Yahoo! breach affecting 1 billion users: government employee accounts were involved, and at least one buyer of the database specifically asked about government officials as to whether their data was in the database. Some snippets from his reporting: More than 150,000 U.S. government and military…
CT: Bristol Board of Ed adopts new student data security policy
Susan Corica reports: The Board of Education has adopted a new policy to protect the privacy of student data, to comply with new state legislation. […] Under the new policy, “for any contract that we generate, after Oct. 1 of 2016, we need to have a clause in there that tells us exactly how they…
Accused mastermind of $100M JPMorgan Chase customer data hack surrenders to feds at JFK
Stepan Kravchenko, Erik Larson, and Bob Van Voris report: An American fugitive who is accused of conspiring to organize the largest known cyber attack on Wall Street arrived back home in the U.S. from Russia, resolving months of negotiations at a moment of high tension over hacking between Moscow and Washington. Joshua Aaron pleaded not guilty…
Yahoo Discloses 1 Billion User Accounts Were Hacked in 2013
From the not-really-a-surprise dept., Vindu Goel reports: Yahoo, already under a cloud from its summertime disclosure that 500 million user accounts had been hacked in 2014, disclosed Thursday that another attack a year earlier had compromised more than 1 billion Yahoo accounts. The newly disclosed attack involved more sensitive user information, including unencrypted security questions….
$17.5 Million Settlement With Owner Of Ashleymadison.com In Joint Multi-State And FTC Agreement
Settlement Follows Investigation Finding That Adult Dating Website Maintained Lax Security Practices, Misled Consumers About Its Data Security, And Created Fake Female Profiles To Entice Male Users In Addition to Penalties, Settlement Requires The Website To Implement Stronger Data Security Program And Cease Deceptive Practices NEW YORK—Attorney General Eric T. Schneiderman joined twelve other states,…
Nearly half of education-vendor websites tested had security problems, audit reveals
Nichole Dobo writes: Nearly half of the more than 1,200 education technology vendor websites used by teachers and students, and checked in an October audit, did not include a secure log-in, according to a new survey. This makes these programs vulnerable to a security breach – a school leader’s nightmare. “We want people to fix this,”…