Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: ID Theft

You’re Not Alone When You’re on Google

The New York Times – We know that. But the “privacy paradox” means we still act like we are. “…To fully apprehend our vulnerabilities as digital creatures would require far too much time and energy. More than that: It would require an entirely new set of instincts, a radically different cognitive framework from the one… Continue Reading

Your most sensitive data is likely exposed online. These people try to find it.

c/net: “Justin Paine sits in a pub in Oakland, California, searching the internet for your most sensitive data. It doesn’t take him long to find a promising lead. On his laptop, he opens Shodan, a searchable index of cloud servers and other internet-connected devices. Then he types the keyword “Kibana,” which reveals more than 15,000… Continue Reading

Most hacked passwords revealed in UK cyber survey

The National Cyber Security Centre’s first ‘UK cyber survey’ published alongside global password risk list NCSC’s first ‘UK Cyber Survey’ shows 42% of Brits expect to lose money to online fraud Breach analysis finds 23.2 million victim accounts worldwide used 123456 as password Global password risk list published to disclose passwords already known to hackers… Continue Reading

Range of Consumer Risks Highlights Limitations of Identity Theft Services

Data Breaches: Range of Consumer Risks Highlights Limitations of Identity Theft Services, GAO-19-230: Published: Mar 27, 2019. Publicly Released: Mar 27, 2019. “Data breaches have exposed the personal data of hundreds of millions of people and put them at risk for identity theft. We looked at what you can do if you’re a victim of… Continue Reading

Hackers Are Passing Around a Megaleak of 2.2 Billion Records

Wired: “When hackers breached companies like Dropbox and LinkedIn in recent years—stealing 71 million and 117 million passwords, respectively—they at least had the decency to exploit those stolen credentials in secret, or sell them for thousands of dollars on the dark web. Now, it seems, someone has cobbled together those breached databases and many more… Continue Reading

Cisco 2019 Data Privacy Benchmark Study

Cisco newsroom: “Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments, according to Cisco’s 2019 Data Privacy Benchmark Study. The Study validates the link between good privacy practice and business benefits as respondents report shorter sales delays as well as fewer and less costly data… Continue Reading

(Don’t) Return to Sender: How to Protect Yourself From Email Tracking

EFF: “There are a lot of different ways to track email, and different techniques can lie anywhere on the spectrum from marginally acceptable to atrocious. Responsible tracking should aggregate a minimal amount of anonymous data, similar to page hits: enough to let the sender get a sense of how well their campaign is doing without invading users’… Continue Reading

Security Risks of Government Hacking

Schneider on Security: “Some of us — myself included — have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. They include: Disincentive for vulnerability disclosure Cultivation of a market for surveillance tools Attackers co-opt hacking… Continue Reading

IG Audit finds continues flaws in OPM security of federal employee data

NextGov: “The Office of Personnel Management inspector general again found flaws in the agency’s contracting for the credit monitoring and ID theft services it provides to the more than 21.5 million current, former and prospective federal employees affected by the 2015 data breaches. OPM has gone through two different contracts for post-breach protections. The IG… Continue Reading

Bill Would Establish Cybersecurity Inspections, Impose Mandatory Penalties, and Compensate Consumers for Stolen Data

“United States Senators Elizabeth Warren (D-Mass.) and Mark Warner (D-Va.) today introduced the Data Breach Prevention and Compensation Act to hold large credit reporting agencies (CRAs) – including Equifax – accountable for data breaches involving consumer data. The bill would give the Federal Trade Commission (FTC) more direct supervisory authority over data security at CRAs,… Continue Reading

Equifax data breach fallout – hundreds of class action suits and SEC subpoena

Equifax faces hundreds of class-action lawsuits and an SEC subpoena over the way it handled its data breach “Equifax, the credit reporting firm, is facing more than 240 class-action lawsuits from consumers — in addition to suits from shareholders and financial institutions — over the way it handled a massive data breach that affected 145.5 million Americans. The… Continue Reading

Equifax says it owns all its data about you – really!

Senate Commerce Committee Hearing – Protecting Consumers in the Era of Major Data Breaches – November 8, 2017: “…“Massive data breaches have touched the vast majority of American consumers,” said [Senator John] Thune [R- S.D.]. “When such breaches occur, urgent action is necessary to protect sensitive personal information. This hearing will give the public the… Continue Reading