The recent spate of hacks against Sony networks as well as a Congressional hearing where representatives of Sony and Epsilon testified about their recent breaches have stimulated another round of discussions about whether we need a federal breach disclosure law that preempts state laws, and if so, what the threshold or trigger should be for…
What impact will the Sony and Infragard hacks have?
Chester Wisniewski writes: In a self-titled hack attack called “F**k FBI Friday” the hacking group known as LulzSec has published details on users and associates of the non-profit organization known as Infragard. Infragard describes itself as a non-profit focused on being an interface between the private sector and individuals with the FBI. LulzSec published 180…
Sony Europe hacked by Lebanese hacker… Again
Chester Wisniewski writes: By my count this is unlucky hack number 13 for Sony. A Lebanese hacker known as Idahc dumped another user database at Sony Europe containing approximately 120 usernames, passwords (plain text), mobile phone numbers, work emails and website addresses. Read more on Naked Security.
Ca: Pharmacy papers litter Riverview roadside
CBC News in Canada reports: CBC News discovered a major privacy breach at a pharmacy in Riverview, New Brunswick Friday. Scores of patient prescriptions, medication receipts and empty bottles were found littering the street near a Jean Coutu pharmacy on Coverdale Road. The documents include names, addresses and phone numbers and, ironically, a document outlining…
How the Epsilon Breach Hurts Consumers
Yesterday, following the Congressional hearing where Sony and Epsilon testified, we had a bit of a lively – if truncated – debate on Twitter about breach notification. Not surprisingly, George V. Hulme raised the issue of breach notice fatigue and how notifications should be confined to situations where there is some real risk. Also not…
Global Financial Aid Services reports a completely avoidable security breach
For those who remember the Peter, Paul, and Mary song, feel free to sing along with me: “When will they ever learn? Oh when will they ever learn?” Global Financial Aid Services of Gulfport, Mississippi recently notified the New Hampshire Attorney General’s Office that a laptop containing unencrypted student names, addresses, and Social Security Numbers…