...and no one finds this surprising?
“After an extensive investigation, we conclude that we have no idea
what our computer systems are doing.”
Central Hudson Gas & Electric
Corporation has issued a press release updating its customers on the
breach disclosed in
February that affected 110,000 customers:
(POUGHKEEPSIE, NY)
Though New York State and federal law enforcement officials continue
to investigate the incident externally, forensic computer experts
have completed their internal investigation into the February
cyber-security incident that had the potential to
involve banking information for approximately one third of Central
Hudson Gas & Electric Corporation customers.
“Despite
an exhaustive review, these cyber-security forensic experts could not
confirm if any private banking information for any of our customers
was transferred,” said James P. Laurito, Central
Hudson’s president. “They also report that it is likely that it
may never be possible to document if information was transferred.
[ … ]
The investigation
conducted by an expert forensic computer firm on Central Hudson’s
internal systems confirmed that the incident was the result of
malware that infiltrated Central Hudson’s information systems
during or prior to September 2012 but likely lay
dormant until earlier this year, Laurito said. “The
malware, which Central Hudson personnel discovered and disabled on
February 19, 2013, was designed to seek out and export information.
While the potential exists that information contained on the front of
bank checks was exported, it cannot be confirmed what, if any,
information was ever actually transferred,” Laurito said.
How is it that the court will accept
“expert testimony” but there is nothing in the literature that
allows the court to make an independent evaluation? (Or am I missing
something?)
James (Jim) R. McCullagh and Amelia M.
Gerlicher of Perkins Coie recap the status and issues in a class
action lawsuit against Hannaford Bros:
This is the latest
opinion in the ongoing litigation arising out of a massive data
breach suffered by Hannaford Bros. grocery stores. In
re Hannaford Bros. Privacy Litigation, __F. Supp. 2d __, Case No.
2:08-MD-1954-DBH, 2013 WL 1182733 (D. Me. Mar. 20, 2013).
The litigation
arises out of a criminal attack on the payment card systems at the
Hannaford Bros. grocery chain in late 2007 and 2008, which
potentially affected over 4 million card numbers. The
district court initially dismissed the action after the plaintiffs
stipulated that none of the plaintiffs had incurred fraudulent
charges that had not been reimbursed. The court certified
a question to the Maine Supreme Judicial Court, which agreed that in
the absence of physical harm, economic loss or identity theft, the
time and effort spent to avoid or remediate reasonably foreseeable
harm did not constitute cognizable injuries for which damages may be
recovered under Maine law.[1]
On appeal, the
U.S. Court of Appeals for the First Circuit reversed with regard to
two of the claims, finding that the plaintiffs had alleged sufficient
injury for their negligence and implied breach of contract claims
because “fees for replacing cards and the cost of
identity theft protection products were foreseeable costs to mitigate
any harm arising from the data breach.”
Finding themselves
back before the district court, plaintiffs moved to certify a class
consisting of those “Hannaford customers who incurred out-of-pocket
costs in mitigation efforts that they undertook in response to
learning of the data intrusion.” The court addressed each of the
factors provided in Federal Rule of Civil Procedure 23 and ultimately
denied certification based only on a finding that
plaintiffs’ failure to provide expert testimony supporting its
theory of classwide damages meant that common issues would
not predominate with regard to damages. The plaintiffs moved for
reconsideration on April 4, 2013, further clarifying their theory of
damages and asking for 60 days to obtain and tender to the court
appropriate expert evidence.[2]
Because data breach class actions rarely get to this point, a
summary of the court’s review of each element follows.
Read their recap and analysis on Perkins Coie.
It's what you don't know that hurts
you...
April 16, 2013
New Internet Security Threat Report from Symantec
2013 Internet Security Threat Report - "Key Findings:
- 42% increase in targeted attacks in 2012.
- 31% of all targeted attacks aimed at businesses with less than 250 employees.
- One waterhole attack infected 500 organizations in a single day.
- 14 zero-day vulnerabilities.
- 32% of all mobile threats steal information.
- A single threat infected 600,000 Macs in 2012.
- Spam volume continued to decrease, with 69% of all email being spam.
- The number of phishing sites spoofing social networking sites increased 125%.
- Web-based attacks increased 30%.
- 5,291 new vulnerabilities discovered in 2012, 415 of them on mobile operating systems."
Perspective
April 16, 2013
Experian
reveals a quarter of time online is spent on social networking
London, 16 April 2013 – "Insights from Experian, the global
information services company, reveals that if the time spent on the
Internet was distilled into an hour then a quarter of it would be
spent on social networking and forums across UK, US and Australia.
In the UK 13 minutes out of every hour online is spent on social
networking and forums, nine minutes on entertainment sites and six
minutes shopping."
More perspective.
April 16, 2013
Report - Big Data, Big Brains
"This report on Big
Data is the first MeriTalk Beacon, a new series of reports
designed to shed light and provide direction on far reaching issues
in government and technology. Since Beacons are designed to tackle
broad concepts, each Beacon report relies on insight from a small
number of big thinkers in the topic area. Less data. More insight.
Real knowledge... Mankind created 150 exabytes (billion gigabytes)
of data in 2005, and 1,800 exabytes in 2012; growth that only
continues to accelerate. Every minute, users: Upload 48
hours of video to YouTube; Send 204 million emails; Spend
$207,000 via the web; Create 571 new websites. Within the
Federal government; U.S. drone aircraft sent back 24 years worth of
video footage in just 2009. Every 24 hours, NASA’s Curiosity rover
can send nearly three gigabytes of data, collecting in mere days the
equivalent of all human knowledge through the death of Augustus
Caesar – from Mars."
I'm sure I must have missed them, but
this is the first “Management” publication I recall having ever
seen. That may explain a lot.
MANAGING FOR RESULTS
The designation of senior-level
officials to key performance management roles with responsibilities
under the Government Performance and Results Act Modernization Act of
2010 (GPRAMA) has helped elevate accountability for performance
management within federal agencies and ensure high-level
involvement, according to officials GAO interviewed. [What
are they going to say? “We suck at our jobs!” Bob]
Sounds like a fun addition to the
genealogy files...
April 16, 2013
Get
Grandpas FBI File.com Website Now Makes Getting FBI Files Easy
News
release: "The process for obtaining FBI files about family
members who may have been the subject of a federal investigation has
just become much simpler with the help of a step-by-step consumer
website: GetGrandpasFBIfile.com
established by Virginia-based Meme Transmission Enterprises... The
Federal Bureau of Investigation maintains billions of pages of
records and millions of files – all compiled using taxpayer
dollars. But the clock is ticking. Recently, the FBI has begun
destroying the bulk of its historic files to save space. Only a very
tiny fraction of its voluminous files will be preserved at the
National Archives. So time is of the essence in asking for files
before they are gone forever. Get Grandpas FBI File makes it easy to
get these files by guiding the public through the process of
completing a request letter. The website does not ask for any
payment, and most requests for FBI files are processed by the FBI
without any fees whatsoever."
I really do use this...
Wikispaces
Introduces a Brand New Look for Classroom Wikis
Wikispaces
has been a great supporter of classrooms for years now. They
allow any teacher to use their services to create wikis for free and
without advertising. Today, Wikispaces introduced a brand
new look for classroom
Wikispaces
Classroom is a new, free offering from Wikispaces. From the
first look you'll notice that Wikispaces Classroom is quite different
from the old Wikispaces format. Wikispaces Classroom simplifies the
layout of pages to put only the tools students need in order to edit
a page on display and hides the tools students don't need. On the
management side of things Wikispaces Classroom is arranged to make it
easy for teachers to quickly manage projects, alter settings, and see
reports on students' use of the wiki.
Wikispaces is offering some free
webinars about the new Wikispaces Classroom. You can get more
information about those webinars
here.
Applications for Education
Last year I wrote 5
Ways You Can Use Wikis With Students. Included in that list is
creating digital reference pages as alternatives to textbooks. That
was one of my primary uses of wikis when I taught a ninth grade
geography class that didn't have a current textbook. I often started
a set of pages and had students finish the pages. The new Wikispaces
Classroom has a tool that I wish I had then to quickly see not only
when students accessed pages, but also what they did on the pages.