Zimperium Mobile Defence says that their testing found that LinkedIn users are at risk of Man-in-the-Middle Attacks: What information is vulnerable? Using basic MITM, we found that an attacker can extract a LinkedIn user’s credentials, hijack their session to gain access to all other LinkedIn information and impersonate the user. The following information is exposed,…
AT&T Mobility reports breach involving service provider employees
So apparently it’s not enough that I read and think about gadzillions of breach notification letters. I’m supposed to actually report on them, too, huh? It seems I was so underwhelmed by an AT&T Mobility breach that I never reported on it here, even though mainstream media found it really newsworthy, with some even going so…
US Marshal CCs, rather than BCCs, those interested in anonymous Bitcoin auction
Megan Geuss reports: The US Marshals Service is in charge of auctioning off almost 30,000 bitcoins that the federal government seized from Silk Road servers last year, and it had planned to do so in an anonymous auction this month. But that anonymity was compromised on Wednesday when the US Marshals Service accidentally revealed the…
AU: Govt refuses to support data breach notification bill
Allie Coyne reports: The Coalition Government has refused to back a reinvigorated bill that would force companies to notify customers of a data breach, saying while it agrees with the concept in principle, the proposed legislation needs more work. In March this year Labor Senator Lisa Singh re-introduced the lapsed Privacy Alerts Bill, which failed to…
Insurer for Michael’s Stores sues to avoid having to defend Michael’s
And now Safety National Casualty Corp., insurers of Michael’s Stores, have sued to avoid having to cover Michael’s against class action lawsuits stemming from their breach. Story behind paywall at Law360.com.
Northern Ireland: Prison service signs undertaking after Maze records sold at auction
From the Information Commissioner’s Office (ICO), with emphasis added by me: The prison service in Northern Ireland has been warned by the UK data protection regulator after a filing cabinet containing Maze Prison records was unwittingly sold at auction. The incident occurred in 2004 when a cabinet that officials thought was empty was sold at…