Julian Hattem reports: Lawmakers in the Senate are unveiling a new data security bill that aims to protect consumers from having their identities stolen or being harmed by fraud. Sens. Tom Carper (D-Del.) and Roy Blunt (R-Mo.) said that recent data breaches at major U.S. retailers have highlighted the need for added standards to protect…
NY: Rockville Centre woman sentenced for role in ID theft scam
Zachary R. Dowdy reports: A Rockville Centre woman was sentenced Wednesday to serve 11/2 to 3 years in state prison for her role in a scheme that stole hundreds of people’s identities to file fraudulent tax returns that yielded refunds and to apply for credit cards under the victims’ names, authorities said. Susan Pemberton, who…
Google ads targeting Canadians using personal health info violate Canadian privacy law – Privacy Commissioner
The Canadian Press reports: Canada’s interim privacy commissioner says Google has been caught afoul of the law by displaying web ads linked to a person’s health history. An investigation led by Chantal Bernier, who has stepped in for outgoing privacy commissioner Jennifer Stoddart, backed up a man’s complaints that he was seeing so-called behavioural advertisements…
Who hacked Nordstrom?
Will Phoenix writes: Unlike the hackers who recently hit Target and Nieman Marcus, authorities know exactly who hacked Nordstrom. According to the U.S. Attorney’s office two brothers identified as Andrew S. Chiu, 29, of Anaheim, California; and Allen J. Chiu, 37, of Dallas, Texas utilized a mix of business logic attacks and fraudulent actions to…
So You Found An Obamacare Website Is Hackable. Now What?
Kashmir Hill reports an all-too-common scenario, this one involving security researcher Kristian Erik Hermansen: 1. White-hat hacker discovers vulnerability, tries to notify responsible party. 2. White-hat hacker gets nowhere despite numerous attempts to contact responsible party. 3. White-hat hacker discloses publicly. 4. Responsible party pays attention but is more focused on covering up problem. 5. The…
SC Department of Employment & Workforce notifying employees after former employee downloaded their info onto a flash drive
Seanna Adcox of Associated Press reports yet another breach in South Carolina, this one involving the state’s employment and workforce agency: South Carolina’s unemployment agency began notifying more than 4,600 people Wednesday that a former employee may have compromised their personal information. The employee who downloaded the data to a personal flash drive was fired…