We see this problem too often. It is because web site operators don’t really understand the impact of their actions in many cases. More importantly, this may impact you and your web site. Okay, lets talk about what the Postal Service did. Magazine publisher Tech Crunch discovered that the USPS was sharing customers’ information with […]
Continue reading → [DISPLAY_ACURAX_ICONS]In an example of dozens of known breaches and likely thousands of similar situations which never get reported, security researcher Jeremiah Fowler discovered a non-password protected, unsecured (sort of redundant) database containing 38.6 million records belonging to legal support services company Rapid Legal. The information left exposed included court documents, service agreements and payment information […]
Continue reading → [DISPLAY_ACURAX_ICONS]Let me give you the answer up front – we won’t know the full extent of it for years. Okay, first what is Chevron? In the last days of this year’s Supreme Court term, the court issued a ruling that says that the forty year old Supreme Court ruling, Chevron, the court said that lower […]
Continue reading → [DISPLAY_ACURAX_ICONS]CISA’s SECURE SOFTWARE DEVELOPMENT ATTESTATION FORM rule comes into effect next week. It requires that companies that produce software and sell it to the government adhere to key security practices. It also requires that those developers attest to their practices. In writing. Signed by an executive of the company. It applies to companies that do […]
Continue reading → [DISPLAY_ACURAX_ICONS]Senator Ron Wyden, who is possibly the biggest advocate on Capitol Hill for cybersecurity and privacy, laid into UnitedHealth Group’s CEO for their cybersecurity practices. Their practices led to a breach that affected possibly one third of the adults in the US who have health insurance. Senator Wyden also asked the FTC and SEC to […]
Continue reading → [DISPLAY_ACURAX_ICONS]Feds Say ChangeHealth Can File Breach Notice on Behalf of Doctors After All Changing your mind … is a federal agency’s prerogative, apparently. Normally under HIPAA, it is the doctor or hospital that has to file the breach notice and until this week, that was the fed’s (HHS) position for the ChangeHealth breach. However, smarter […]
Continue reading → [DISPLAY_ACURAX_ICONS]