Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: ID Theft

Most hacked passwords revealed in UK cyber survey

The National Cyber Security Centre’s first ‘UK cyber survey’ published alongside global password risk list

  • NCSC’s first ‘UK Cyber Survey’ shows 42% of Brits expect to lose money to online fraud
  • Breach analysis finds 23.2 million victim accounts worldwide used 123456 as password
  • Global password risk list published to disclose passwords already known to hackers
  • NCSC urges using 3 random words as passwords on the eve of CYBERUK 2019 event

Range of Consumer Risks Highlights Limitations of Identity Theft Services

Data Breaches: Range of Consumer Risks Highlights Limitations of Identity Theft Services, GAO-19-230: Published: Mar 27, 2019. Publicly Released: Mar 27, 2019. “Data breaches have exposed the personal data of hundreds of millions of people and put them at risk for identity theft. We looked at what you can do if you’re a victim of… Continue Reading

Hackers Are Passing Around a Megaleak of 2.2 Billion Records

Wired: “When hackers breached companies like Dropbox and LinkedIn in recent years—stealing 71 million and 117 million passwords, respectively—they at least had the decency to exploit those stolen credentials in secret, or sell them for thousands of dollars on the dark web. Now, it seems, someone has cobbled together those breached databases and many more… Continue Reading

Cisco 2019 Data Privacy Benchmark Study

Cisco newsroom: “Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments, according to Cisco’s 2019 Data Privacy Benchmark Study. The Study validates the link between good privacy practice and business benefits as respondents report shorter sales delays as well as fewer and less costly data… Continue Reading

(Don’t) Return to Sender: How to Protect Yourself From Email Tracking

EFF: “There are a lot of different ways to track email, and different techniques can lie anywhere on the spectrum from marginally acceptable to atrocious. Responsible tracking should aggregate a minimal amount of anonymous data, similar to page hits: enough to let the sender get a sense of how well their campaign is doing without invading users’… Continue Reading

Security Risks of Government Hacking

Schneider on Security: “Some of us — myself included — have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. They include: Disincentive for vulnerability disclosure Cultivation of a market for surveillance tools Attackers co-opt hacking… Continue Reading

IG Audit finds continues flaws in OPM security of federal employee data

NextGov: “The Office of Personnel Management inspector general again found flaws in the agency’s contracting for the credit monitoring and ID theft services it provides to the more than 21.5 million current, former and prospective federal employees affected by the 2015 data breaches. OPM has gone through two different contracts for post-breach protections. The IG… Continue Reading

Bill Would Establish Cybersecurity Inspections, Impose Mandatory Penalties, and Compensate Consumers for Stolen Data

“United States Senators Elizabeth Warren (D-Mass.) and Mark Warner (D-Va.) today introduced the Data Breach Prevention and Compensation Act to hold large credit reporting agencies (CRAs) – including Equifax – accountable for data breaches involving consumer data. The bill would give the Federal Trade Commission (FTC) more direct supervisory authority over data security at CRAs,… Continue Reading

Equifax data breach fallout – hundreds of class action suits and SEC subpoena

Equifax faces hundreds of class-action lawsuits and an SEC subpoena over the way it handled its data breach “Equifax, the credit reporting firm, is facing more than 240 class-action lawsuits from consumers — in addition to suits from shareholders and financial institutions — over the way it handled a massive data breach that affected 145.5 million Americans. The… Continue Reading

Equifax says it owns all its data about you – really!

Senate Commerce Committee Hearing – Protecting Consumers in the Era of Major Data Breaches – November 8, 2017: “…“Massive data breaches have touched the vast majority of American consumers,” said [Senator John] Thune [R- S.D.]. “When such breaches occur, urgent action is necessary to protect sensitive personal information. This hearing will give the public the… Continue Reading

Business Email Scams: Protecting Your Company’s Information

From the Pennsylvania Department of Banking and Securities, a succinct and very useful Infographic guide: “Business Email Compromise is a cyber threat targeted against businesses, both large and small, that typically involves a con artist targeting employees with access to company financial or sensitive documents. The scammers lead the employees to believe they are a… Continue Reading

EPIC Urges Congress To Hold Equifax Accountable, Update Data Protection Law

“EPIC has sent statements to Congress ahead of hearings in the House and Senate on the Equifax data breach. EPIC underscored the risk to American consumers of data breaches which are increasingly severe. EPIC urged Congress to require prompt data breach notification, data minimization, and privacy enhancing techniques. In 2011 EPIC testified in the House… Continue Reading