Tag: data privacy

With $200k Fine, FTC Finds Trust-e Not Very Trusty

The U.S. Federal Trade Commission fined TRUSTe, a for profit organization that is a leading provider of online reputations, $200,000 for misleading consumers about its web site monitoring services. On Monday, the Commission announced a settlement with TRUSTe over allegations that the company failed to perform annual compliance checks on more than 1,000 domains that earned its TRUSTe Certified Privacy Seal” between 2006 and 2013. The company also acknowledged making misleading statements about its for-profit status. “TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge,” said FTC Chairwoman Edith Ramirez in an official statement. “Self-regulation plays an important role in helping to protect consumers. But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action.” TRUSTe is a critical player in the online trust business. The company provides seals to businesses that meet […]

Continue Reading

Thread Gets Boost from Freescale Beta Program | EDN

We covered the announcement of Thread, a proposed IoT communications standard back in July. The question for Thread, as with competing IoT standards like Open Internet Connect and The AllSeen Alliance, is who will adopt it. Needless to say: without the embrace of software and device makers, even the best standard will wither on the vine. Now its seems like Thread is getting a boost from Freescale Semiconductor. That company last week announced a beta program that will give developers access to its own implementation of the Thread draft specification. As this report over at EDN Newtork notes, Freescale said at the Electronica 2014 conference that it is offering Thread-compliant versions of its Kinetis W series of wireless microcontrollers.  The move is designed to encourage companies to create Thread-enabled products based on Freescale’s Kinetis platform. Freescale’s Kinetis family of devices are designed to enable connections between devices for home automation, healthcare, smart energy […]

Continue Reading

US Postal Service Suspends Telecommuting Following Massive Data Breach

Following a publicized breach at the US Postal Service, that organization is discontinuing virtual private network (VPN) connections into its network, according to reports. The Postal Service took the unusual step after acknowledging, earlier this week, that a breach of their network security exposed data on 800,000 employees and 2.9 million customers. According to a statement from a USPS spokesman to the online publication Dark Reading, the virtual private network (VPN) service for postal employees was taken down this weekend and will not be brought back up until a version with more “robust security features can be installed.” “As a result, telecommuting has been suspended until further notice,” he said. Remote access tools including VPNs and remote desktop applications like Citrix are a frequent source of compromises of corporate networks. Most recently, compromised employee systems are believed to be the source of an attack on JP Morgan’s network. VPN software that was vulnerable to the […]

Continue Reading

Retailers Demanding Federal Action on Data Breach

Add retailers to the chorus of voices calling for federal legislation on cyber security and data protection. In an unusual move, retail groups from across the U.S. sent a letter to Congressional leaders that urged them to pass federal data protection legislation that sets clear rules for businesses serving consumers. The letter, dated November 6, was addressed to the majority and minority party leaders of the U.S. Senate and the House of Representatives and signed by 44 state and national organizations representing retailers, including the National Retail Federation, the National Grocers Association, the National Restaurant Association and the National Association of Chain Drug Stores, among others.   “The recent spate of news stories about data security incidents raises concerns for all American consumers and for the businesses with which they frequently interact,” the letter reads. “A single federal law applying to all breached entities would ensure clear, concise and consistent notices to all […]

Continue Reading

Third Party Vendor Source of Breach at Home Depot

Add Home Depot to the list of companies who have been victimized as a result of a third party contractor or supplier. The home improvement giant said in a statement on Thursday that the criminals that attacked the company’s network first gained access to the “perimeter” of Home Depot’s network. Target, the box store retailer, sketched out a similar scenario to describe the breach that resulted in the theft of 70 million credit cards numbers from its customers. In that case, a company that serviced HVAC systems in Target’s headquarters was reported as the source of the breach. Home Depot said that attackers were able to move within its network by elevating their level of network access and install what Home Depot described as “unique, custom-built malware” on self-checkout systems in the U.S. and Canada. The revelations about the circumstances of the breach came on a day when Home Depot […]

Continue Reading
1 87 88 89 90 91 131