Data Breach Results In Loss Of $350 Million in Yahoo-Verizon Deal.

Last week, Verizon finally decided to go forward with the acquisition of Yahoo, the perennial would-be comeback internet search and media company. The deal, announced last year, saw an unusual delay when Yahoo revealed that it had been hacked, the largest data breach in history as of then. This was followed a couple of months […] read more

UK Encryption: Royal & Sun Alliance Insurance Fined £150,000 For Stolen Hard Drive.

The UK’s Information Commissioner’s Office (ICO) has fined an insurance company, Royal & Sun Alliance (RSA), a total of £150,000 for the theft of an external storage device with information on nearly 60,000 clients (and credit card details for 20,000 people).   Stolen From a Locked Room Unlike your run-of-the-mill hard drive theft cases, there […] read more

Netherlands Officially Files 5,500 Breach Notifications In 2016.

The Personal Data Protection Authority of the Netherlands (Autoriteit Persoonsgegevens, “AP”) revealed last week that they received nearly 5,500 data breach notifications in 2016, the first year of mandatory data breach notifications for the European country. This contrasts with the 980 data breaches in the same period for the US, compiled by the Identity Theft […] read more

Laptop Encryption: Chesapeake Public Schools Laptop Theft Affects Over 10,000 Employees.

According to a couple of sources, Chesapeake Public Schools in Virginia is notifying employees about a potential data breach. Per their announcement, nearly 11,000 people could be affected by the theft of a laptop computer. It appears that laptop encryption software was not used to protect the contents. Password protection, however, was used. Assuming that […] read more

California Accountants Hacked To File Fraudulent Tax Returns.

Time has shown that all types of businesses are targets for hacking. The big ones, because they have money. The small and medium-sized businesses, because they have money, although less of it than big enterprises. Stories of phishing or hacking into computers that host electronic banking activities have popped up in the news frequently. Here’s […] read more

Data Security: Social Engineering Still More Effective Than Zero-Day Hacks.

According to a security company’s 100 penetration attempts, most organizations succumb to five attacks, none of which involve malware or zero-day flaws. The top five attacks, according to darkreading.com: abuse of weak domain user passwords — used in 66% of Praetorian pen testers’ successful attacks broadcast name resolution poisoning (like WPAD) — 64% local admin […] read more

Longer Passwords Is The Way To Security.

In a continuation to the post from last week, it looks like it’s not only the FTC’s Chief Technologist that is waging war against the periodic renewal of passwords. The National Institute of Science and Technology (NIST) is apparently onboard as well, and they will also be recommending that something be done about password complexity […] read more

Sharing Passwords is Hacking, Which is a Federal Crime.

The controversies regarding cyberspace just keep burning brightly. In the past couple of weeks, the Ninth Circuit Court of Appeals ruled that the unauthorized sharing and use of passwords can be deemed as hacking, and thus can be a violation of the Computer Fraud and Abuse Act (CFAA). As noted by motherboard.vice.com and others, this […] read more