Consumer Reports Buys Consumerist.com
By Laura Wilson, JD, CISA Candidate, ♦ ISR Corporate Liability Editor
Combining the unimpeachable credibility and expertise of Consumers Union, the publishers of Consumer Reports since 1936, with the widely read, shoot-and-move Consumerist format that nets over 10 million pages views per month is a big win for the public and their advocates.
ISR News: Experts Hack VeriSign
Excerpt from Computerworld.com’s Robert McMillan
With the help of about 200 Sony Playstations, an international team of security researchers has devised a way to undermine one of the algorithms used to protect secure Web sites - a capability that the researchers said could be used to launch nearly undetectable phishing attacks.
ISR News: Economy Spurs Cybercrime
Excerpt from BBC News’ Mark Ward
“The damage that insiders can do should not be underestimated. It can take just a few minutes for an entire database that has taken years to build to be copied to a CD or USB stick,” said Adam Bosnian, a spokesman for Cyber-Ark.
ISR News: Data Theft Spurs Lawsuits
Excerpt from NKY.com
The lawsuits stem from the arrest of Rene Rebollo Jr., 36, of Pasadena, Calif., a former senior analyst for Countrywide, and Wahid Siddiqi, 25, of Thousand Oaks, Calif. Investigators said Rebollo used a flash drive to download data from about 20,000 customers a week for two years, from 2006 through August 2008, then sold the information to Siddiqi for a total of $50,000.
ISR News: SSI Numbers Breached
Excerpt from the Louisville News BizJournal
RBS WorldPay, a subsidiary of Citizens Financial Group Inc. said law enforcement agencies are investigating a Nov. 10 breach of the company’s cyber security. The breach affected the personal information of 1.5 million cardholders. Up to 1.1 million Social Security numbers could have been accessed, according to the company.
ISR News: 16,000 Katrina Records Posted
Excerpt from The Times-Picayune’s Gwen Filosa
FEMA has confirmed that an “unauthorized breach of private information” resulted in the information release of 16,857 names, Social Security and phone numbers, and other private details of people who had applied for benefits. The information was flashed on a pair of privately run Web sites, but for how long was unclear.
ISR News: “Paring Down” Security
Excerpt from CIO.com’s Jaikumar Vijayan
“The intensive projects that require a lot of capital outlay and work on the integration side are probably going to be throttled back,” Hochmuth said. He also expects companies to look more closely at integrating their security, networking and operations teams and reducing their staffing levels.
ISR News: Employee Arrested for ID Theft
Excerpt by the LA Time’s Alexandra Zavis
Hospitals’ increasing reliance on computerized record-keeping has provided new avenues for identity theft and invasions of medical privacy. As recently as May, a Glendale man was convicted of using the names of hundreds of Los Angeles County and city employees to submit fraudulent claims for diagnostic services amounting to more than a quarter-million dollars.
ISR News: Hackers Steal 22K SSI Numbers
Excerpt from ChronicleT.com’s Lisa Roberson
“Educational organizations accounted for nearly one-third of all U.S. data-breach incidents during the past three years, according to the Privacy Rights Clearinghouse. About 58 percent of college IT officials nationwide have dealt with at least one computer-security incident in the past year with the increase in cyber attacks on college campuses has dramatically increased between 2006 and 2007 with 67.5 percent more incidences being reported in just one year.”
U.S.Banks Vulnerable to Sabotage
Feature Article By Anthony M. Freed, ♦ ISR Financial Editor
2009 will prove to be the year that this systemic weakness comes to the forefront of politics and the news:
The United States is unprepared for a major hostile attack against vital computer networks, government and industry officials said Thursday after participating in a two-day “cyberwar” simulation.
“There isn’t a response or a game plan,” said senior vice president Mark Gerencser of the Booz Allen Hamilton consulting service, which ran the simulation.
Democratic U.S. Rep. James Langevin of Rhode Island, who chairs the homeland security subcommittee on cybersecurity, said: “We’re way behind where we need to be now.” Dire consequences of a successful attack could include failure of banking or national electrical systems, he said.
