I've got a little list – I've got a little list
Of society offenders who might well be underground
And who never would be missed – who never would be missed
Observations on articles I read to keep current about technology. My interests are: Privacy, security, business, the computer industry, and geeky stuff that catches my eye.
I don't think I have an agenda beyond my own amusement.
Note that I lump all my comments into a single post. This is not a typical BLOG technique, It's just an indication that I'm lazy.
Dozens of people have been able to access the medical files of a television reality show star who tried to commit suicide, according to television current affairs show EenVandaag.
Samantha de Jong, better known as Barbie, was admitted to hospital in January after trying to kill herself. She had hardly been off the tv since she took part in reality soap Oh Oh Cherso, about a group of Dutch youngsters on Crete, in 2010.
The hospital has confirmed it is investigating the security breach. EenVandaag said routine checks revealed that ‘dozens’ of members of staff had accessed her files, even though they were not involved in her treatment.Do they not have “break the glass” procedures or other controls there? Have they not been firm enough about firing snoopers? Why did this happen and happen so extensively?
Alabama has officially joined the data breach notification party. Alabama Governor Kay Ivey signed Act No. 2018-396 into law on March 28, 2018. The law will take effect on May 1, 2018. Although it was last in the country to enact such a data security law, Alabama’s new law will immediately take its place among the most stringent in the nation.
Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity has learned.
The data available in plain text from Panera’s site appeared to include records for any customer who has signed up for an account to order food online via panerabread.com. The St. Louis-based company, which has more than 2,100 retail locations in the United States and Canada, allows customers to order food online for pickup in stores or for delivery.
Equifax, which suffered a massive data breach in 2017 that exposed the personal information of nearly 150 million consumers, has been sending out erroneous notification letters to a “small percentage” of those affected, the company confirmed Monday.
Hackers breached the credit reporting agency’s records, exposing data belonging to millions of accounts monitored by Equifax. Since then, the company has been reaching out to people who were affected by the breach, offering free credit monitoring and other remediation efforts.
Read more on CNBC.
A data breach at department store chains Saks Fifth Avenue, Saks Off Fifth and Lord & Taylor has compromised the personal information of customers who shopped at the stores.
The chains’ parent company, Canada-based Hudson’s Bay Co., announced the breach of its store payment systems on Sunday. The company said it was investigating and taking steps to contain the attack.
Gemini Advisory LLC revealed on Sunday that a hacking group known as JokerStash or Fin7 began boasting on dark websites last week that it was putting up for sale up to 5 million stolen credit and debit cards.
We estimate the window of compromise to be May 2017 to present.
Based on the analysis of the available data, the entire network of Lord & Taylor and 83 Saks Fifth Avenue locations have been compromised. The majority of stolen credit cards were obtained from New York and New Jersey locations.
Police forces across country have been quietly rolling out technology which allows them to download the entire contents of victim’s phone without a warrant.
At least 26 forces now use technology which allows them to to extract location data, conversations on encrypted apps, call logs, emails, text messages, photographs, passwords and internet searches among other information.
On 22 February 2018, the European Court of Human Rights (ECHR) decided a case concerning the alleged violation of Article 8 of the European Convention on Human Rights (the Convention) in the context of controlling an employee’s personal files stored on the hard drive of his work computer. The judgment of the ECHR (in French) can be accessed here and the press release (in English) can be accessed here.
The applicant, Eric Libert, is a French national who had been working at the French railway company SNCF. In 2007, Mr Libert had been temporarily suspended from his duties because his employer found that Mr. Libert’s work computer contained, inter alia, address change certificates drawn up for third persons and bearing the official Surveillance unit logo, and a large number of files containing pornographic images and films. He was dismissed from his post on 17 July 2008. After being unsuccessful before the national courts, Mr. Libert lodged an application with the ECHR against the French Government while primarily relying on Article 8 (right to respect for private and family life) of the Convention.
On Monday we published our fourth annual Data Security Incident Response Report, which provides an analysis of the more than 560 cyber incidents handled by the team in 2017. Reflecting on the increasingly sophisticated nature of attacks, the aggressiveness by regulators in researching breaches and the expectations of highly developed responses, the report offers intelligence to help entities reduce their risk profile, build resilience, and be better prepared to respond when incidents occur.