The Obama administration's plan for a federal data breach notification policy is too vague to be effective, and it lacks teeth to penalize violators, according to experts who raise open questions about the proposal.
ThreatMetrix's Taussig says device identification must be part of layered security measures. Banking regulators want financial institutions to deploy multiple layers of online security. But what does that expectation mean when it comes to investments in fraud detection?
A silver lining is emerging behind the rash of breaches that occur all too regularly. The fact that these breaches make the public more aware of the vulnerabilities is encouraging in efforts to make the Internet safer for all.
Sony says personal information from more than 100 million customer accounts has been breached. The information includes customers name, addresses, e-mail addresses, birth dates, gender, phone numbers, login names and hashed passwords.
The non-standardized collection device is responsible for 13 percent of the biometric records maintained by DOD, representing some 630,000 DoD records that cannot be searched automatically against FBI's database of about 94 million records.
Sony Corp.'s announcement that hackers may have accessed data on 77 million gamers follows a long line of recent breaches. And Neal O'Farrell of the Identity Theft Council says the string of incidents has led to consumer 'breach fatigue.'
"We took our understanding of the tools, tradecraft and techniques used by these malicious actors, and converted it into actionable information that ... would lower their risk to the type of attack we saw at RSA," DHS Secretary Janet Napolitano says.
The latest Verizon Data Breach Investigations Report is out, and the good news is: The number of compromised records is down. The troubling news is: The number of breaches is up. Bryan Sartin, one of the report authors, explains why.
As details about the Epsilon e-mail breach unfold, the list of affected companies grows, including major banks and merchants. Here is the latest list of the companies known to have been impacted by the incident.
The Social Security Administration sold the information in a database of deceased individuals that erroneous contained the Social Security numbers, dates of birth, full names and ZIP codes of living people, the inspector general reports.
Heartland Payment Systems hacker Albert Gonzalez seeks to overturn his conviction and 20-year sentence, a record for a computer breach, maintaining he committed his crimes with the knowledge of his Secret Service handlers.