Kudos to Dan Goodin for trying to help the public understand the significance of Heartbleed: Lest readers think “catastrophic” is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet’s Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the…
Canada Revenue Agency shuts down web services over Heartbleed
OTTAWA – The Canada Revenue Agency says it has temporarily cut off public access to its electronic services over security concerns. The agency says it shut down access to protect the security of taxpayer information. Read more on The Spec. The full text of the statement on CRA’s web site: Statement from the Canada Revenue…
Iowa, North Carolina join states studying Experian breach – Reuters
Jim Finkle and Karen Freifeld of Reuters also have more on the Court Ventures/U.S. Info Search that has put millions of consumers at risk of identity theft or financial fraud: Iowa and North Carolina said they are looking into a breach involving a subsidiary of Experian Plc that exposed some 200 million social security numbers,…
Ca: Inform customers of data breach or pay $100,000 per case: new privacy bill
Candice So reports: Businesses and organizations will be formally required to tell individual customers and the Privacy Commissioner of Canada if they’ve suffered a data breach – or pay up to $100,000 in fines for every individual not told, according to the new Digital Privacy Act, or Bill S-4, tabled in the Senate today. Read more on ITbusiness.ca
The Biggest Security Breach in the History of the Internet May Have Hacked All Your Information
Tom McKay reports: The news: Security researchers have identified a very, very serious security hole in one of the fundamental technologies protecting personal data all across the Internet. OpenSSL, the cryptographic software library that an estimated two-thirds of web servers worldwide use to connect with end users and guard against digital eavesdropping, has been vulnerable to hackers for…
EXCLUSIVE: U.S. Info Search is responsible for notifying victims of breach, not us – Experian
Because the data were owned and controlled by U.S. Info Search, Experian says they are not responsible for notifying victims of a breach involving Court Ventures, a firm it acquired in 2012. So why does the media only have Experian’s name in the headlines? Jim Finkle of Reuters recently reported that there is a multi-state investigation…