The Information Commissioner’s Office (ICO) has found Yorkshire Building Society (YBS) in breach of the Data Protection Act after an unencrypted laptop belonging to the former Chelsea Building Society (CBS), which had recently merged with YBS, was stolen from its Cheltenham premises. The laptop contained a substantial part of the CBS customer database. The laptop…
Data breach fines will not stop the rot
Over in the U.K., John E. Dunn discusses some hefty fines that have been levied following data breaches, but comments: The public gets to hear about the punishment but a lot is left behind a curtain of secrecy. This is wrong and possibly dangerous. What the UK lacks is not punishments but a basic data…
Confessions of an ATM Hacker
Tracy Kitten writes: I caught up this week with Barnaby Jack, the so-called ethical hacker who cracked the operating systems of two retail ATMs during last month’s Black Hat Technical Security Conference in Vegas. Jack, who heads research for IOActive Labs, a privately held computer and network security firm in San Francisco, hacked two commonly…
Banks Complicit in Fraud — Is it Systemic?
Naomi Wolf has followed up on her recent column about her experiences with WaMu and fraud by describing her shock at discovering how widespread such problems are and the e-mails she received from readers. Well, I certainly now felt less alone — but far more outraged and alarmed, on behalf of all of us, especially…
OH: Woman Charged With Stealing ID of Job-Seekers
The U.S. Attorney’s Office says a woman preyed on people who were down on their luck and looking for work. On Wednesday, prosecutors announced charges against Chantay Ware, 26. Ware was indicted on one count each of access device fraud and aggravated identity theft. According to investigators, Ware worked for HMS Host, which operated the…
With No Harm Threshold, Nearly All Breaches Substantiated in CA
Dom Nicastro provides some interesting data from California, where there is no “harm threshold” in mandated reporting requirements for breaches involving medical records: Since California’s new law went into effect last year, the state has received 3,766 breach reports. …. California’s investigations team has completed reviews of 1,953. It found that 98.7% of those breaches…