Tag: privacy

Retailers Demanding Federal Action on Data Breach

Add retailers to the chorus of voices calling for federal legislation on cyber security and data protection. In an unusual move, retail groups from across the U.S. sent a letter to Congressional leaders that urged them to pass federal data protection legislation that sets clear rules for businesses serving consumers. The letter, dated November 6, was addressed to the majority and minority party leaders of the U.S. Senate and the House of Representatives and signed by 44 state and national organizations representing retailers, including the National Retail Federation, the National Grocers Association, the National Restaurant Association and the National Association of Chain Drug Stores, among others.   “The recent spate of news stories about data security incidents raises concerns for all American consumers and for the businesses with which they frequently interact,” the letter reads. “A single federal law applying to all breached entities would ensure clear, concise and consistent notices to all […]

Continue Reading

Metadata Matters: EFF To Argue Collection Violates Constitution

Lawyers from The Electronic Frontier Foundation will argue on Tuesday that the U.S. government’s bulk collection of phone records and other “metadata” is a violation of the Constitution’s protection against unlawful searches. In a blog post on Monday, EFF said that it plans to make oral arguments before the D.C. Circuit Court of Appeals on Tuesday and will argue that the call records collected by the government constitute “intimate portraits of the lives of millions of Americans” that are protected under the Constitution’s Fourth Amendment. The EFF is presenting in the Klayman vs. Obama, a 2013 case filed by Larry Klayman, conservative activist, in the immediate aftermath of the publication of data leaked by former NSA contractor Edward Snowden. EFF and the ACLU filed an amicus brief in that case in August. The government’s argument is that the bulk collection of phone records is legal under a precedent called “third party doctrine,” which […]

Continue Reading

Customer Support A Weak Link In Two Factor | Ars Technica

Ars Technica has an interesting write-up on an apparently successful compromise of Google’s two-factor authentication technology. Though in this case, the culprit wasn’t any system Google deployed or managed, but a gullible customer support representative working for the victim’s cell phone carrier. According to this post over at Facebook-for-hipsters site Ello.co, Grant Blakeman woke up on a recent Saturday morning to find that his Google account had been hijacked – despite the fact that he used Google’s two-factor authentication to protect access to the account. How? Blakeman enlisted the help of none-other than Mat Honan, whose own struggles with account hijacking became the subject of a much-cited Wired feature article. As with Honan, Blakeman’s valuable three-character Instagram account, @gb, appears to have been the lure for hackers. (Honan’s @mat Twitter account was what lured his attackers.) Read “Researchers sidestep Paypal Two-Factor Authentication.” After a conversation with Honan, Blakeman contacted his cell provider and […]

Continue Reading

Cyber insurance: Only fools rush in | ITworld

Cyber incidents these days tend to follow a familiar pattern: law enforcement is contacted and will begin criminal investigations. Cyber forensic investigators are hired to piece together what happened and security consultants will analyze and remove the malware from any affected systems. Finally: customers who were affected are notified and – typically -offered free credit monitoring services. All of these services come at a cost, of course, as does the business disruption that results. Current cyber insurance policies are structured to recover some or most of those costs. Now companies – from the Fortune 10 on down – are looking to hedge their online risks with various kinds of business insurance. That demand, in turn, is fueling a rapid expansion of the cyber insurance industry that was little more than a niche offering five years ago. But insurance industry experts and corporate security professionals offer words of advice for companies that think they […]

Continue Reading

Obama Uses Executive Order To Push Chip and Pin

Add data security to the long list of issues on which U.S. President Barack Obama has resorted to unilateral action in order to push the government forward on a crucial matter. On Friday, President Obama signed an Executive Order directing the government to require the use of so-called “chip and PIN” technology for any newly issued or existing government debit and credit cards. The Order was intended to make the federal government “lead by example in securing transactions and sensitive data,” the White House said in a statement. The new BuySecure Initiative will provide consumers with more tools to secure their financial future by assisting victims of identity theft, improving the Government’s payment security as a customer and a provider, and accelerating the transition to stronger security technologies and the development of next-generation payment security tools. The Order launches a new initiative dubbed “BuySecure” intended to “drive the market towards more secure payment systems” […]

Continue Reading
1 26 27 28 29 30 50