Equifax Data Breach Continues To Bear Poisoned Fruit.

About two weeks ago, when Equifax first revealed their massive data breach, it was noted by many that the company didn’t appear to be prepared nor equipped to deal with the demands of whatever contingency plans they had prepared for the day they would be hacked. That was on the first day after Equifax had […] read more

Equifax Hack Affects 143 Million SSNs.

Equifax, one of the three largest credit reporting agencies in the US, announced yesterday that they have been hacked. The leaked information includes full names, SSNs, birth dates, and addresses, among other data. It’s not the biggest hack to date – that dubious honor goes to Yahoo, which claimed 1 billion users and 500 million […] read more

Delaware Updates Data Breach Notification Rules.

Delaware, the second-smallest state but the leader in business incorporations, at least within the USA, has updated its legal framework regarding data breach notifications. Beginning on August 14, 2018, companies that experience a data breach must notify any affected individuals in Delaware within 60 days. In addition, credit monitoring – free of charge, of course […] read more

NIST Guy Who Came Up With Hair-Tearing Password Requirements Says He’s Sorry.

The “NIST midlevel manager” who came up with the crazy password requirements – well, technically, recommendations. You know, must include special characters, uppercase and lower case letters, alphanumeric – says that he’s sorry and that “much of what [he] did [he] now regret[s].” As the Wall Street Journal explains, Bill Burr was a manager at […] read more

Australia Looking To Compel Electronic Message Decryption.

Last week, Reuters and other sources reported that the Australian government has proposed laws that would compel companies to provide access to encrypted information. Obviously, asking for such data is conditional upon taking all the proper legal steps.   A Growing Demand Governments the world over have been clamoring for access to encrypted data for […] read more

UK ICO to SMEs: Data Protection Laws Apply to You.

The United Kingdom’s Information Commissioner’s Office (ICO) has slapped Boomerang Video Ltd. (BV), a company that rents out video games, with a £60,000 fine. The monetary penalty is the result of a 2014 data breach in which personal details of 26,000 people were stolen. The fine deserves another look because BV’s data breach was the […] read more

EU Proposes End-to-End Encryption and Other Security Measures.

Last week, the European Parliament’s Committee on Civil Liberties, Justice, and Home Affairs released a draft proposal that would require the use of end-to-end encryption. It would also strike legal attempts to force backdoors in encryption software or weaken the security of services given by communications providers. Amendment 36 Service providers who offer electronic communications […] read more

Michaud Case In Playpen Hack Gets Dropped By Feds.

One of the most controversial US legal actions in the past couple of years, arguably, is the FBI’s approach in arresting hundreds of child pornographers who were frequenting a site in the Dark Web. Because surfing the nether regions of the internet requires the use of a special, secure browser called Tor, the FBI exploited […] read more

TrueCrypt Users Being Infected With Malware “StrongPity”.

It’s not often than abandoned software makes news, but never say never. Apparently, certain hackers are distributing installers for TrueCrypt and WinRAR – respectively, a discontinued encryption program and a file compression tool – that have been infected with malware called “StrongPity”. The problem for people who are affected by the malware is that the […] read more

Sharing Passwords is Hacking, Which is a Federal Crime.

The controversies regarding cyberspace just keep burning brightly. In the past couple of weeks, the Ninth Circuit Court of Appeals ruled that the unauthorized sharing and use of passwords can be deemed as hacking, and thus can be a violation of the Computer Fraud and Abuse Act (CFAA). As noted by motherboard.vice.com and others, this […] read more