The recently released reports by Verizon, ArcSight/Ponemon, and Digital Forensics all offer some interesting data and statistics on breaches, but after reading them, I am reminded of the analogy of the six blind men and the elephant, as their findings are not always wholly consistent with each other. If we can generalize from the Verizon…
Hackers fool world’s largest companies using smooth talk
From coverage of the social engineering contest at DefCon: … “Out of all the companies called today, not one company shut us down,” said Offensive Security operations manager Christopher Hadnagy, part of the social-engineer.org team behind the competition that kicked off late last week. The team kept hackers within the boundaries of the law, but…
NJ: Tenants can’t get answers on Guttenberg security breach
Residents of Guttenberg’s subsidized public housing projects are afraid their personal information could be misused now that the Guttenberg Housing Authority sent them letters this month saying a computer security breach allowed “an unauthorized individual” access to their personal files, including Social Security and credit card data. The letters were not specific, and GHA officials…
ID theft feared at Ont. government website
The Canadian Press reports: An NDP critic is blasting the Ontario government after it revealed there was a possible case of identity theft linked to its driver’s licence address change website. On Saturday the government issued a news release saying it had “temporarily disabled the online address change function and has launched an investigation.” Read…
Possession of a skimmer now a felony in Minnesota
A new law went into effect in Minnesota today. As reported by Mark Sommerhauser: The Legislature moved to criminalize possession of “skimming” devices that can be used to steal someone’s identity. The new law makes it a felony to possess devices that allow unauthorized scanning and recording of personal information from the magnetic strip of…
St. Al’s missing data tapes with employees’ personal info
Add Saint Alphonsus employees to those affected by the backup tape lost by Mercer reported previously on this site. KTVB reports: Approximately 1,000 current and former Saint Alphonsus employees are being notified that a computer back-up tape containing their personal information has gone missing. Saint Alphonsus Regional Medical Center and its parent company Trinity Health…