Smartphone Encryption: FBI and Apple At It Again?.

Following the worst mass shooting in Texas history, the Federal Bureau of Investigation has announced in a press conference that they’re unable to get into the smartphone of the shooter. The reason? Encryption. While the brand of the smartphone was not officially revealed at the time (so as to not alert the “baddies” which one […] read more

Hilton To Pay $700,000 Over 2015 Data Breach, Slow Notifications.

The New York attorney general has announced a $700,000 settlement with Hilton Worldwide Holdings over issues related to the two data breaches that occurred in 2014 and 2015. $400,000 will go to New York. The remaining goes to Vermont which collaborated in the investigation.   Reported Breaches Late, In November 2015 Multinational corporations being hacked […] read more

FBI Unable to Access 7000 Encrypted Devices in 2017.

At the International Association of Chiefs of Police conference, held in Philadelphia last week, Federal Bureau of Investigation Director Christopher Wray noted that the FBI has nearly 7,000 encrypted devices it cannot access. Per the phillyvoice.com: In the first 11 months of the fiscal year [2017], federal agents were unable to access the content of […] read more

47.5 GB of PHI Left Exposed on the Cloud. (That’s 316,000 PDFs).

According to gizmodo.com, security researchers at Kromtech Security Center found a wide-open Amazon Web Services (AWS) bucket that contained over 300,000 PDFs, each one a medical file that would fall under the governance of the Health Insurance Portability and Accountability Act (or HIPAA which, arguably, finally jumpstarted the drive towards encrypting sensitive digital files thanks […] read more

Equifax Data Breach Continues To Bear Poisoned Fruit.

About two weeks ago, when Equifax first revealed their massive data breach, it was noted by many that the company didn’t appear to be prepared nor equipped to deal with the demands of whatever contingency plans they had prepared for the day they would be hacked. That was on the first day after Equifax had […] read more

Equifax Hack Affects 143 Million SSNs.

Equifax, one of the three largest credit reporting agencies in the US, announced yesterday that they have been hacked. The leaked information includes full names, SSNs, birth dates, and addresses, among other data. It’s not the biggest hack to date – that dubious honor goes to Yahoo, which claimed 1 billion users and 500 million […] read more

Delaware Updates Data Breach Notification Rules.

Delaware, the second-smallest state but the leader in business incorporations, at least within the USA, has updated its legal framework regarding data breach notifications. Beginning on August 14, 2018, companies that experience a data breach must notify any affected individuals in Delaware within 60 days. In addition, credit monitoring – free of charge, of course […] read more

NIST Guy Who Came Up With Hair-Tearing Password Requirements Says He’s Sorry.

The “NIST midlevel manager” who came up with the crazy password requirements – well, technically, recommendations. You know, must include special characters, uppercase and lower case letters, alphanumeric – says that he’s sorry and that “much of what [he] did [he] now regret[s].” As the Wall Street Journal explains, Bill Burr was a manager at […] read more

Australia Looking To Compel Electronic Message Decryption.

Last week, Reuters and other sources reported that the Australian government has proposed laws that would compel companies to provide access to encrypted information. Obviously, asking for such data is conditional upon taking all the proper legal steps.   A Growing Demand Governments the world over have been clamoring for access to encrypted data for […] read more