From the Metropolitan Police Dept. web site: Officers from the Metropolitan Police Central e-Crime Unit (PCeU) have arrested a 19-year-old man in a pre-planned intelligence-led operation. The arrest follows an investigation into network intrusions and Distributed Denial of Service (DDoS) attacks against a number of international business and intelligence agencies by what is believed to…
Executive Learns From Hack
Evan Ramstad reports about the lessons learned by one executive after the Hyundai Capital Services hack: … His biggest mistake, he says, was that he used to treat the information-technology department as simply one of many units that helped the company get its main job done. Today he treats it as central to everything the company…
Dropbox left document storage accounts open for four hours
Jeremy Kirk reports: Online storage service Dropbox accidentally turned off password authentication for its 25 million users for four hours on Monday — although “much less than 1%” of those accounts were accessed during the period, the company said. It is still investigating whether any of those accounts were improperly accessed. Dropbox CTO Arash Ferdowsi wrote…
2 fired at University of Iowa Hospitals for peeking at records
Clark Kauffman reports: The University of Iowa Hospitals and Clinics has fired a medical assistant for allegedly violating patient privacy by reporting a colleague’s suspected patient-privacy violations. If you read the details in the Des Moines Register, though, the case seems a bit tricky – the employee did admit to looking over a colleague’s shoulder,…
Lulzsec 2011 census released – UPDATED – or not!
In a message that undoubtedly should send shudders down the spines of those involved in the security of UK census data, the hacking collective known as LulzSec posted a message on Pastebin yesterday: Greetings Internets, We have blissfully obtained records of every single citizen who gave their records to the security-illiterate UK government for the…
Tables Turn for Dentist Who Shared Patient Info
Tim Hull has more on a court decision in California mentioned last week on this blog: Federal medical-privacy laws do not preempt California’s own rules against doctors disclosing patient information to debt collectors, the state Supreme Court ruled. The unanimous court revived Robert Brown’s longtime crusade to hold dentist Rolf Reinholds accountable under California’s Confidentiality…