Equifax Already Had a Data Breach Before It Was Hacked In 2017.

According to wsj.com (paywalled), Equifax had already suffered a data breach before the data breach that made the company famous around the world. In 2015, two years before the hack that started with a bang and ended with less than a whimper, “Chinese spies” made off with “thousands of pages of proprietary information” that includes […] read more

Anthem Data Breach Settled for $115M, Despite Having “Reasonable” Security.

Last week, a federal judge approved a settlement – the largest to date when it comes to data breaches – that is historic and yet falls flat: Anthem, the Indianapolis-based insurer, has agreed to pay a total of $115 million to settle all charges related to its 2015 data breach. The breach, strongly believed to […] read more

Survey Says Data Breaches Result In Long-Term Negative Impact.

According to darkreading.com, a recent survey commissioned by CA Technologies has shown that there can be serious repercussions for companies that fall victim to data breaches. If the survey’s conclusions are to be believed, about half of the organizations that were involved in a data breach see “long-term negative effects on both consumer trust (50%) […] read more

FBI Director Says Legislation Possibly A Way Into Encrypted Devices.

Last week, FBI Director Christopher Wray said that legislation may be one option for tackling the problem of “criminals going dark,” a term that refers to law enforcement’s inability to access suspects’ data on encrypted devices. The implication is that, in the interest of justice and national security, the FBI will press for a law […] read more

Yahoo Penalized £250,000 By UK Information Commissioner’s Office.

It was reported this week that the United Kingdom’s Information Commissioner – the person whose department is in charge of upholding the nation’s data privacy laws – has penalized Yahoo! UK Services Limited with the amount of £250,000. The penalty is in response to the global data breach Yahoo experienced, and hid, for over two […] read more

FBI Inflated Encrypted Smartphone Count.

Over a number of years, the FBI kept making the case for an encryption backdoor to smartphones. Of course, because “encryption backdoor” is a charged term, they said that they didn’t need a backdoor per se, just a (secret) reliable way to get into encrypted devices when they obtained a warrant. This twisting of words […] read more

Yahoo (ie, Altaba) Settles Two Lawsuits Tied To Huge Data Breach.

Last week, Yahoo (now reborn as Altaba after Verizon’s acquisition) announced a settlement with the SEC over misleading investors regarding the biggest data breach in known history. The crime: not revealing it in a timely manner. It was one of the many lawsuits the company is fighting currently as a result of the data breach. […] read more

Florida Government Hard Drives Stolen For Games.

Many, if not most, data security professionals will tell you that you should run a risk assessment and accordingly develop your plans for securing information, sensitive or otherwise. Then there are others who will counsel that one should secure as much as possible: obviously protect what represents a high risk situation, but never discount the […] read more

Panera Data Breach: Further Proof That People Need Strong Data Security Laws.

Panera Bread has a public relations fiasco on its hands. It has embroiled itself in one of the most tragicomic data breaches the world has seen in a while, a breach that could have been easily avoided. Dylan Houlihan, the finder and eventual whistleblower of the security issue, has created a post providing the authoritative […] read more