Tuesday, February 10, 2009

My wife has been notified by both her Credit Union and her prepaid medical card that they were part of the HPS breach and would be replacing her cards.


More on Heartland...

The letter from Heartland to the Maryland AG's Office is available at http://www.oag.state.md.us/idtheft/Breach%20Notices/ITU-164794.pdf


Related (This mostly duplicates earlier information.)

http://www.databreaches.net/?p=1402

Pointer: Numbers keep rolling in on Heartland breach

Posted February 9th, 2009 by admin

Linda McGlasson of BankInfoSecurity reports:

By the latest count, the number of institutions that have informed their card customers and members that they were hit as a result of the Heartland Payment Systems (HPY) data breach has swelled to 124.

The second page of the article provides an alphabetical listing of banks that reported having been affected, with number of cards compromised indicated for many of them.

[From the article:

Heartland, the sixth-largest payments processor in the U.S.... [See? It could have been much worse! Bob]



Prof. Soma at the Sturm College of Law mentioned that there are now two HPS lawsuits

Cooper v. Heartland Payment Sys. Inc., D.N.J., No. 3:09-cv-00392-FLW-JJH, complaint filed 1/27/09; and Merino v. Heartland Payment Sys. Inc., D.N.J., No. 3:09-cv-00439-FLW-TJB, complaint filed 1/29/09



I must be missing something... Is it common to take four years to stop this kind of thing?

http://yro.slashdot.org/article.pl?sid=09/02/10/014201&from=rss

FTC Kills Dirty Online Check Processing Outfit

Posted by kdawson on Monday February 09, @09:34PM from the dirty-pretty-checks dept.

coondoggie writes

"The Federal Trade Commission today got a US District Court to stop permanently what it called the illegal operations of an Internet-based check creation and delivery service, and to require the group to give up over half a million dollars in ill-gotten gains. According to the FTC, Qchex.com created and sent checks drawn on any bank account that a Qchex user identified, but did not verify whether the user had authority to draw checks on that account. As a result, fraudsters worldwide used the Qchex service to draw thousands of checks on bank accounts that belonged to unwitting third parties. 'The evidence shows that the launch of Qchex.com was a "dinner bell" for fraudsters and resulted in a high number of accounts frozen for fraud...' said District Court Judge Janis Sammartino."

[How I know it took four years: http://www.msnbc.msn.com/id/7914159/



Prof Soma also pointed me to this article. And minutes later, so did Gary Alexander!

http://www.google.com/hostednews/ap/article/ALeqM5hKgBtxUPr-HQNXogsmcgJN4XjC2AD967RJNG1

Survey: Identity theft up, but costs fall sharply

By CANDICE CHOI

NEW YORK (AP) — The number of Americans ensnared by identity theft is on the rise, but victims are striking back more quickly and limiting how much is stolen.

In 2008, the number of identity theft cases jumped 22 percent to 9.9 million, according to a study released Monday by Javelin Strategy & Research. The good news is that the cost per incident — including unrecovered losses and legal fees — fell 31 percent to $496.

Last year marked the first time the number of cases rose.

Online access accounted for only 11 percent of cases, according to the survey.

Despite the growing number of victims, the total fraud amount edged up just 7 percent to $48 billion over the previous year. That's because victims are uncovering cases faster to limit losses. Another reason is that financial institutions are taking more steps to thwart thieves, according to the Javelin study.



This is from the e-Discovery Blog. First time I've seen him comment on Privacy. (Of course, there is a connection.)

http://ralphlosey.wordpress.com/2009/02/09/it-workers-read-your-personal-email-and-us-law-is-generally-ok-with-that/

IT Workers Read Your Personal Email and U.S. Law is Generally OK with That

America is the land of the free, the brave, and the busybody; at least that is the way Europeans see us. Indeed, much of the world is surprised by the lack of privacy in the U.S., especially in the workplace where few corporations grant any privacy rights to their employees. At least one U.S. billionaire, Henry Nicholas, the co-founder and ex-CEO of Broadcom, now agrees with the Europeans. His defense of a criminal case recently suffered a major setback as a result of IT workers reading a personal email to his wife and then blabbing to the world about it. U.S. v. Nicholas, __F.Supp.2d__, 2008 WL 5546721 (C.D.Cal., Dec. 29, 2008).



Because your life isn't hectic enough?

http://blog.wired.com/business/2009/02/twitters-hackab.html

Twitter Fast Growing Beyond its Messaging Roots

By Michael Calore February 10, 2009 7:32:17 AM

Thanks to its open-ended design and a thriving user community, Twitter is fast outgrowing its roots as a simple, easy-to-use messaging service. Enterprising hackers are creating apps for sharing music and videos, to help you quit smoking and lose weight -- spontaneously extending the text-based service into one of the web's most fertile (and least likely) application platforms.

Hardware hackers have set up household appliances to send status alerts over Twitter, like a washing machine that tweets when the spin cycle is through, or a home security system that tweets whenever it senses movement inside the house. Others have incorporated Twitter into their DIY home automation systems. Forgot to turn off the lights? Send a tweet to flip the switch by remote control.

… Businesses are starting to be built around it. Botanicalls, for example, sells a Twitter-enabled hardware kit that lets your neglected house plants alert you when they're thirsty.

… File sharers were the first to rush in. The photo-sharing service TwitPic, one of the oldest Twitter mashups, lets users send pictures to their followers by storing a photo on its servers, then passing the link around on Twitter. Now there are newer apps like Tweetcube and Twittershare, which let users share larger media like MP3s and videos.

Twitter's limited format of short, text-based announcements are a natural match for sites like TrackThis, which you can use to get status updates on FedEx and UPS packages, and Tweetajob, which job seekers can use to get real-time updates about new job openings.

Anyone who needs help quitting smoking can use Qwitter to monitor their progress. Those looking to lose weight can turn to TweetWhatYouEat or TweetYourEats.



A step towards a “Best Practice?” At least a procedure to help avoid getting sued.

http://tech.slashdot.org/article.pl?sid=09/02/09/2024250&from=rss

Bruce Perens On Combining GPL and Proprietary Software

Posted by ScuttleMonkey on Monday February 09, @04:19PM from the how-not-to-get-sued dept.

jammag writes

"Combining GPL and proprietary software is ever more common, especially in the world of embedded devices like cell phones. But the question is: how to combine them legally. As sticky as the issue is, there is an answer, as self-titled "open source strategic consultant" Bruce Perens explains. The proper procedure entails fully understanding what type of open source software you're using, and knowing why you need to combine these disparate licenses. The problem, he notes, is that many companies don't know or care about doing this legally. 'They're used to just "clicking yes" with no regard to what they're committing themselves and their company to.' Hopefully Perens' guide can be read by more company execs — resulting in fewer lawsuits going forward (but we're not holding our breath)."

update 21:31 GMT by SM: Bruce wrote in to make sure we knew he was not a lawyer, even though he is weighing in on a legal issue; updated to reflect.



I've been looking for a project for the White Hat Hacker club. This looks interesting.

http://it.slashdot.org/article.pl?sid=09/02/10/0027241&from=rss

Metasploit Hacking Tool To Get Services-Based Model

Posted by kdawson on Monday February 09, @07:57PM from the at-your-services dept.

ancientribe writes

"Metasploit hacking tool creator HD Moore told Dark Reading that the open-source hacking tool soon will come with back-end services-based features aimed at offloading resource-intensive penetration testing tasks. This is a departure for the software-oriented Metasploit, and Moore and company just may be on to something: it turns out commercial penetration testing tool vendors are looking at adding services-based versions of their software. Immunity Inc. will do so this year, and Core Security Technologies is considering doing so as well."



One of the problems my Math students have is being able to solve some problems (X – 4 = 6) without understanding the process they used to get the answer.

http://news.yahoo.com/s/livescience/20090209/sc_livescience/studysuggestswhygutinstinctswork

Study Suggests Why Gut Instincts Work

LiveScience Staff LiveScience.com Mon Feb 9, 11:01 am ET

Sometimes when you think you're guessing, your brain may actually know better.

After conducting some unique memory and recognition tests, while also recording subjects' brain waves, scientists conclude that some gut feelings are not just guesswork after all. Rather, we access memories we aren't even aware we have.

… The findings were published online Sunday in the journal Nature Neuroscience.

… "Intuition may have an important role in finding answers to all sorts of problems in everyday life," Paller said.



A tool for your Swiss Army Folder...

http://www.killerstartups.com/Web-App-Tools/lovelycharts-com-a-free-online-diagramming-tool

LovelyCharts.com - A Free Online Diagramming Tool

http://www.lovelycharts.com/

Generally speaking, LovelyCharts is an online diagramming application that enables any individual to come up with diagrams of different denomination – all for free. These include sitemaps, flowcharts and wireframes to name just a few.

Although diagrams are easy to understand, it is also true that the drawing process itself is a bit tricky. This solution aims to get around this problem by empowering users to drag and drop elements until they are satisfied with the finished design. Moreover, the drawing process itself is an interactive one, whereby the system makes assumptions based on the way you are headed.



Lists, I just love 'em.

http://news.cnet.com/8301-13880_3-10160103-68.html?part=rss&subj=news&tag=2547-1_3-0-5

Free alternatives to Windows' built-in utilities

by Dennis O'Reilly February 10, 2009 12:01 AM PST

I wouldn't give you a nickel for all the system tools that come with Windows. That's because I can replace them with programs that do the job better without having to spend even that much.
