Items Tagged with "breaches"
Another Good Reason to Increase Internal Security
August 17, 2010 Added by:Brent Huston
The 2010 Verizon Data Breach Investigations Report is out, and let me say what a boon these reports are to the infosec community! It was compiled from nearly 900 actual incidents and includes a lot of input from the U. S. Secret Service...
Comments (0)
Hotels are Hotspot for Credit Card Fraud
July 20, 2010 Added by:Robert Siciliano
According to a recent study, 38% of all credit card breaches occur in hotels. Despite several high profile breaches that recently affected payment processors and banks, the financial services industry only accounts for 19% of breaches...
Comments (0)
Credit Card Data Breaches Cost Big Bucks
July 08, 2010 Added by:Robert Siciliano
Javelin’s survey shows that 26%, or one out of four U.S. consumers received a data breach notification last year from a company or agency holding their personal data, including credit and debit card or checking account information...
Comments (0)
Data Breaches Up in 2010
June 22, 2010 Added by:Jack Anderson
A data breach is painful for everyone, with the exception of the thief. The bad publicity, cost of notification, cost of internal and external audits, not to mention the loss to the person whose data is breached is enormous.
Comments (7)
Inside the Perplexities of Enterprise Privacy Policies
April 01, 2010 Added by:Rebecca Herold
An important consideration with information security incidents is identifying if personally identifiable information (PII) is involved. If it is, then the privacy breach response teamneeds to be put into action to determine whether or not an actual privacy breach occurred.
Comments (0)
Sometimes, some stuff should just stay private...
April 01, 2010 Added by:Jason Remillard
As reported in the past few days, a site selling Durex condoms have had a small 'exposure' problem. As reported, the site had been suffering (time length unknown) from several basic security exposures, including even allowing orders to be viewed online, without a login - simply by changing the order number!
Comments (0)
From the Web
Durex condom orders exposed on the Internet
March 22, 2010 from: Office of Inadequate Security
Remember the Astroglide breach, when customers who ordered samples of the lubricant had their personal details exposed online? Now there are allegations that Durex condom orders were leaking on the web.
Comments (0)
From the Web
Welcome Infosec Island Network readers
February 28, 2010 from: Office of Inadequate Security
Over the weekend, I added 19 financial, 21 business, 4 healthcare, 1 government and 1 not-for-profit breaches thanks to the Maryland Attorney General’s Office updating their web site. You may also be interested in reading how much manpower was involved in trying to identify whose data and what kinds of data were in the audio and video files on the 57 stolen BlueCross BlueShield hard drives.&...
Comments (1)
From the Web
19 more financial sector breaches from 2009
February 27, 2010 from: Office of Inadequate Security
Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010
Comments (0)
From the Web
21 more business sector breaches from 2009
February 27, 2010 from: Office of Inadequate Security
Maryland has updated its web site to provide breach notifications that it has received since its last update. The newly posted notifications are for the period ending December 31, 2009, so there will likely be more to come for 2010
Comments (0)
From the Web
A rise in cyber attacks by one third saw 100 per cent of enterprises experience cyber losses in 2009
February 25, 2010 from: Saumil's Infosec Blog
According to Symantec's 2010 State of Enterprise Security study, 75 per cent of enterprises experienced cyber attacks in the last 12 months and 36 per cent rated the attacks somewhat/highly effective. Also, there was a 29 per cent rise in reported attacks in the last 12 months.
Comments (0)
From the Web
HIPAA complaints decreased significantly in 2009
February 01, 2010 from: Office of Inadequate Security
Dennis Melamed provides monthly HIPAA complaint statistics based reports by the HHS Office for Civil Rights (OCR). It seems that not only did breach reports in general decline in 2009 relative to 2008, but privacy and security complaints to HHS also declined.
Comments (1)
From the Web
New Data Breach Report: Malicious Attacks Doubled in 2009
January 25, 2010 from: Office of Inadequate Security
The number of malicious or criminal attack-related breaches was 24 percent — double the 12 percent of the 2009 study. “They are the most costly, and the types of attacks we found included botnet attacks and data-stealing malware,” Ponemon says. “There is more to worry about because I see this as a growing category. This number of criminal attacks will continue to increase i...
Comments (0)
From the Web
Hacking Takes Lead as Top Cause of Data Breaches
January 09, 2010 from: Office of Inadequate Security
Hacking has topped human error as the top cause of reported data breaches for the first time since such tracking began in 2007, according to the Identity Theft Resource Center’s 2009 Breach Report.In its report, titled “Data Breaches: The Insanity Continues,” the non-profit ITRC found that 19.5 percent of reported breaches were due to hacking, with insider theft as th...
Comments (0)
From the Web
Heartland in $60 mln settlement agreement with Visa
January 08, 2010 from: Office of Inadequate Security
Heartland Payment Systems Inc (HPY.N) said it reached a $60 million settlement agreement with Visa Inc (V.N), under which it will pay issuers of Visa-branded credit and debit cards for data security breach claims.
Comments (0)
From the Web
Heartland breach shows why compliance is not enough
January 06, 2010 from: Office of Inadequate Security
The [Heartland] intrusion led to the “stark realization that passing a PCI security audit does not make a company secure,” said Avivah Litan, an analyst at research firm Gartner Inc. “This was known well before the breach, but Heartland served as a big pail of ice water thrown on the face of companies complying with PCI,” she said.