Saturday, March 15, 2014

Not the kind of thing you want to see in a 10-K.
Target warns in filing that data breach could be worse than reported so far
  • Target (TGT) warned that last year's security breach could have been more extensive than reported so far and lead to further losses, the retailer discloses today in its annual 10-K filing.
  • TGT says it cannot predict the length or extent of any ongoing impact to sales, or how long it might take to restore the company's reputation in the wake of the breach.
  • So far, TGT has said ~40M payment card records were stolen along with 70M other customer records.

Local! Suggests that they found the “virus.” That's good, but very unusual. If they had the tools in place, why did it take them 4 months?
Roger Adams of Aspen Public Radio reports that Valley View Hospital in Glenwood Springs was the target of computer hackers who managed to insert a virus on the hospital’s system in September.
A statement prominently linked from the hospital’s homepage explains that after identifying the virus in January, they brought in a forensic team who was able to learn that the virus had captured screen shots of Internet web pages and stored these images in an encrypted, hidden folder on the Valley View Hospital system. This folder could have been accessed by an outside entity. Upon this discovery on January 23, 2014, the hospital immediately shut down incoming and outgoing Internet traffic to quarantine all information. Steps were taken to remove the virus from the system.
On January 25, 2014, the firm reported the detailed contents of the encrypted, hidden folder. The information in each folder varied for each affected individual but included individual names and in some cases addresses, date of birth, telephone numbers, social security numbers, credit card information, admission date, discharge date and patient visit numbers. No medical information was included. The hospital has been unable to confirm whether any data was improperly accessed by or transmitted to an outside entity.
Notification letters will be going out to affected patients on March 17 and patients will be informed about free identity and credit protection services.
The hospital has already launched an upgrade to its information technology and security.

Is this the future of Privacy Policies? Understandable policies? Can we do better.
Ric Velez writes:
Goodbye, terrible, jargon-filled, tiny-font legalese we like to call a privacy policy. Today, we’re launching Private Parts, an open-sourced, customizable toolkit to help developers implement visual, user-friendly privacy policies. And yes, you can use it today.
Instead of a mystifying wall of text, we wanted to create broad industry change and transform privacy policies into a clear, simple design that uses visual cues to allow users to understand how an app collects and shares their data.
Read more on Lookout, with a reminder that me posting something here does not constitute an endorsement.

What could possibly go wrong? Is this because we are feeling guilty that we have an effective intelligence community?
U.S. to relinquish remaining control over the Internet
U.S. officials announced plans Friday to relinquish federal government control over the administration of the Internet, a move likely to please international critics but alarm many business leaders and others who rely on smooth functioning of the Web.
… The practical consequences of the decision were not immediately clear, but it could alleviate rising global complaints that the United States essentially controls the Web and takes advantage of its oversight role to help spy on the rest of the world.

Weekly chuckles.
… The defense has begun to make its case in Vergara vs. California, a lawsuit brought by StudentsMatter that charges that tenure and seniority rules prevent students from having effective teachers and as a result from getting a quality education.
… There’s a new law in Texas that requires (~$100) graphing calculators for eighth-grade standardized tests. (Gee, I wonder which company lobbied for that rule?) According to the Austin American-Statesman, school officials would like to use a cheaper mobile app (~$15) instead. Good grief. Use Desmos. It's free. It works on that wonderful thing, the World Wide Web, and doesn’t require you buy everyone an iPad (which last time I checked is still more expensive than a graphing calculator). [I wonder if they asked any Math teachers? Bob]
… The Supreme Court has refused Easton Area School District’s request to review a lower court decision that had struck down the district’s ban on students wearing I ♥ boobies breast cancer awareness bracelets.
Cengage’s reorganization plans have been approved, so the company can emerge from Chapter 11.
A study has found that managers looking for someone with math skills are twice as likely to hire a man over a woman, even when women are equally skilled

No comments: