Target Settles With 47 Attorneys General Over 2013 Hack.

One of the biggest hacks in history was the Target credit hack of winter 2013, which affected approximately 60 million people. Four years later, Target is finally putting the situation behind, settling legal action brought to it by 47 states. The amount: $18.5 million. This does not include the many millions the Minnesota-based retailer paid […] read more

HIPAA/HITECH Doesn’t Require You To Be Perfect, But It Does Expect You To Follow The Rules.

A couple of recent Department of Health and Human Services (HHS) legal settlements emphasize paperwork over security, showing that a healthcare entity’s approach to safeguarding data must be holistic: yes, you need to use encryption, and lock doors, and hide screens from potential medical data peeping-toms…but you also need to make sure that you’ve followed […] read more

Tennessee Updates Law That Required Notification For Encrypted Personal Data Loss.

In 2016, Tennessee created something of a legal furor when it became the first state to require data breach notifications (DBN) even if the lost or stolen data was protected with encryption. Earlier this month, a new law took effect that “clarifies [this] confusion” for companies: they are not required to send DBNs if the […] read more

New Mexico Now Has A Data Breach Notification Bill.

New Mexico will be the latest US state to add a data breach notification law to its books. Once the bill officially becomes a law, only two states – Alabama and South Dakota – will remain outsiders to the crazy idea that people should be notified if their personal data is hacked. You can read […] read more

WikiLeaks Shows That Encryption Works, Even Against Spooks.

Last week, the world saw another bombshell announcement from WikiLeaks. Per their tweets and resulting confidential data dump, it was readily apparent that the CIA had amassed techniques for breaking into many kinds of digital devices imaginable: smartphones and computers, yes, but also things connected to the internet, like smart TVs (perhaps they’ve looked into […] read more

Laptop Encryption: Chesapeake Public Schools Laptop Theft Affects Over 10,000 Employees.

According to a couple of sources, Chesapeake Public Schools in Virginia is notifying employees about a potential data breach. Per their announcement, nearly 11,000 people could be affected by the theft of a laptop computer. It appears that laptop encryption software was not used to protect the contents. Password protection, however, was used. Assuming that […] read more

Cloud Services: Will It Be There When You Need It?.

How much should you (or can you) trust the cloud to be there when you need it? Last week, the top US internet sites went dark, on and off, for a couple of hours or so due to a historically unprecedented denial of service attack (DDoS). Over the past week, we’ve learnt that the assault […] read more

TrueCrypt Users Being Infected With Malware “StrongPity”.

It’s not often than abandoned software makes news, but never say never. Apparently, certain hackers are distributing installers for TrueCrypt and WinRAR – respectively, a discontinued encryption program and a file compression tool – that have been infected with malware called “StrongPity”. The problem for people who are affected by the malware is that the […] read more

Yahoo: 2 Years Late In Announcing Data Breach, Decided Not To Improve Security.

Yahoo is full of surprises as of late. Just last week, the company revealed that they had a massive data breach in 2014 – a situation made more scandalous because it was the media, not the company responsible, that spilled the beans. The scandal then grew larger when it was revealed that Yahoo had been […] read more

Yet Another US Court Says FBI Hacking Is Unauthorized Search, Won’t Suppress Evidence.

Earlier in the year, the FBI revealed that they had taken over a site in the dark web and reeled in hundreds of suspects in a sting operation. Due to the nature of the site (a shadowy community where its content very heavily leaned towards, but not exclusively to, child porn) many people online voiced […] read more