Yahoo is expected to confirm massive data breach, impacting
hundreds of millions of users
Yahoo is poised to confirm a massive data breach of its
service, according to several sources close to the situation, hacking that has
exposed several hundred million user accounts.
While sources were unspecific about the extent
of the incursion, since there is the likelihood of government investigations
and legal action related to the breach, they noted that it is widespread and
serious.
Earlier this summer, Yahoo said it was
investigating a data breach in which hackers claimed to have access to 200
million user accounts and were selling them online. “It’s as bad as that,” said one source. “Worse, really.”
… But there’s
nothing smooth about this hack, said sources, which became
known in August when an infamous cybercriminal named “Peace” said on a
website that he was selling credentials of 200 million Yahoo users from 2012 on
the dark web for just over $1,800. The
data allegedly included user names, easily
decrypted passwords, personal information like birth dates and
other email addresses.
At the time, Yahoo said it was “aware of the
claim,” but the company declined to say if it was legitimate and said that it
was investigating the information. But
it did not issue a call for a password reset to users. Now, said sources, Yahoo might have to,
although it will be a case of too little, too late.
Is that the same as saying, “before the potential breach
was discovered, we hadn’t bothered to secure the system?”
The day after an FBI
investigation descended on the Camden County Courthouse,
County Attorney Charles McElyea has acknowledged a “possible security breach”
of the courthouse computer systems.
McElyea said once the potential breach was discovered, “the Camden County Commission
took immediate steps to secure the system and started an
investigation to determine if there was in fact a breach of the system, how it
might have occurred and how to prevent such a breach in the future.”
Read more on LakeExpo.com.
I guess we’ll have to wait to find out what this is about,
although it sounds like some insider wrongdoing is suspected.
For my Governance students.
Paper – Examining the costs and causes of cyber incidents
by Sabrina
I. Pacifici on Sep 21, 2016
Examining the costs and causes of cyber incidents, Sasha
Romanosky, Journal of Cybersecurity, DOI: http://dx.doi.org/10.1093/cybsec/tyw001. First published online: 25 August 2016.
“In 2013, the US President signed an executive order
designed to help secure the nation’s critical infrastructure from cyberattacks.
As part of that order, he directed the
National Institute for Standards and Technology (NIST) to develop a framework
that would become an
authoritative source for information security best practices. Because adoption of the framework is
voluntary, it faces the challenge of incentivizing firms to follow along. Will frameworks such as that proposed by NIST
really induce firms to adopt better security controls? And if not, why? This research seeks to examine the composition
and costs of cyber events, and attempts to address whether or not there exist
incentives for firms to improve their security practices and reduce the risk of
attack.
… Specifically, we
find that the cost of a typical cyber incident in our sample is less than
$200 000 (about the same as the firm’s annual IT security budget), and
that this represents only 0.4% of their estimated annual revenues.”
(Related) Another consideration for Governance.
Achieving Trust Through Data Ethics
Success in the digital age requires a new kind of
diligence in how companies gather and use data.
… Digital trust — identified
as a key
trend in the Accenture Technology Vision 2016 report — is very difficult
for businesses to build with customers, but very easy to lose.
It’s not just for “International Terrorist Masterminds”
and more.
… there are all
sorts of good — non-criminal — reasons why you may want to have a second
phone number. While you may want to get a second physical phone, for most purposes, you can just
get an app on your existing phone.
Why Use a Burner App?
- Online dating is more popular than ever, but it does carry certain risks, particularly for women. Using a temporary number provides a valuable extra layer of privacy.
- If you’re buying or selling something on Craigslist, or placing an ad anywhere, a disposable number means you don’t have to deal with calls once your business is done.
- If you’re job hunting, you may be expecting a lot of calls from unknown numbers. It’s good to know that these are related to your job search before you answer.
- If you’re moving to a different area, or even a different country, you might want to pick up a local number before you move.
- If your job requires you to be on call or you’re running your own business, you’ll want a dedicated number that you know to answer professionally and can ignore when you’re off the clock, without having to carry two phones.
- If someone is monitoring your calls and texts (like an abusive parent or partner), you can reach out for help using a number they don’t have access to.
A growing number of twits or more people/agencies
requesting?
US increases requests for account info from Twitter
The U.S. government increased its requests for information
from Twitter in the first half of 2016, according to a report released
by the social networking site Wednesday.
From Jan. 1 to June 30, the U.S. government made 2,520
requests for information, up from 2,436 in the first half of last year.
The report says that Twitter produced some information in
82 percent of requests.
Nothing like a last minute law to fix years of no
planning!
New legislation seeks to prevent U.S. voting systems from
being hacked
A U.S. lawmaker has introduced two bills to protect voting
systems from hacking, amid fears that Russian cyber spies may be interfering
with this year's presidential election.
Representative Hank Johnson, a Democrat serving Georgia,
is proposing a moratorium on state
purchases of electronic voting machines that don't produce a paper trail. His Election Integrity Act, introduced
Wednesday, would also prohibit voting systems
from being connected to the internet as a way to prevent online
tampering.
… Johnson's second
bill proposes designating U.S. voting systems as critical infrastructure,
meaning that the federal government would take a role in protecting it. The country's electrical grid and banking
sector are among those already designated as critical infrastructure.
Johnson's bill would also require the Department of
Homeland Security to submit a plan to Congress to protect the U.S. election
process from threats including cyber terrorism. In addition, it asks that better standards be
developed so that citizens can verify their votes.
A new world! What
else would this work for?
Mortgages? Student loans?
P2P insurance firm Lemonade launches out of stealth, powered
by chatbots, morals, and big bucks
Lemonade, a
peer-to-peer (P2P) insurance firm that’s been in stealth for a year, has
finally launched to the public in its first market.
… Lemonade
announced today that it is now a fully licensed insurance carrier in New York,
which means homeowners and tenants across the state can get insured and settle
claims on the spot, across multiple devices.
… Lemonade is also
setting out to combat existing models through an annual “giveback,” where it
donates unclaimed money to good causes. Through
the app, users select a cause that they care about, and this cause-creation
process generates virtual groups of like-minded people — or “peers.” (Why not “giveback”
to me? Bob)
Premiums from each group cover any claims made by
individuals, with leftover money going to their common cause. And Lemonade makes money by taking a 20
percent flat fee from monthly policy payments.
(Related) …and they’re all going to need insurance!
Mobile Networks Are Key to Global Financial Inclusion, Report
Finds
The ubiquity of cellphones could allow a rapid expansion
of financial services throughout the developing world, with major implications
for growth and credit accessibility, a McKinsey & Co. report concludes.
“With the technology that’s available today you could
provide billions of people and millions of businesses opportunities that don’t
exist to them today,” Susan Lund, co-author of the McKinsey Global Institute report on digital finance, said in an interview.
The report found that with coordinated action by financial
firms, telecommunications companies and developing-country governments, some 1.6 billion people could gain access to financial
services by 2025, all without major new expenditures on physical infrastructure.
Be as smart as a Congressman. (A rather low bar, but better than nothing.)
Researching Current Federal Legislation and Regulations: A
Guide to Resources for Congressional Staff
by Sabrina
I. Pacifici on Sep 21, 2016
Researching Current Federal Legislation and Regulations: A
Guide to Resources for Congressional Staff, Jerry W. Mansfield, Lead
Information Services Coordinator. September
19, 2016.
“This report is designed to introduce congressional staff
to selected governmental and nongovernmental sources that are useful in
tracking and obtaining information on federal legislation and regulations. It includes governmental sources, such as
Congress.gov, the Government Publishing Office’s Federal Digital System
(FDsys), and U.S. Senate and House websites. Nongovernmental or commercial sources include
resources such as HeinOnline and the Congressional Quarterly (CQ) websites. The report also highlights classes offered by
the Congressional Research Service (CRS) and the Law Library of Congress.”
This is Apple being innovative? Are the people who buy iPhones also into
motorcycles?
Apple Is Said to Be Talking to Vehicle Technology Companies
… Apple is also in
talks with Lit Motors, a San Francisco start-up that has developed an electric self-balancing motorcycle, about
a potential acquisition, according to three people who spoke on the condition
of anonymity. Apple has already hired
several former Lit Motors engineers.