Category Archives: Breach Notification

Senator Seeks Answers from President on White House Cyber Attack

Chairman of the Senate Committee on Commerce, Science and Transportation, John Thune, has sent an open letter to President Obama to address the cyber attack on the White House’s unclassified computer system in late-2014. The breach, allegedly by Russian hackers, was according to Senator Thune “more extensive than previously known,” and accessed “a great deal of sensitive information, such as schedules, policy discussions, and e-mails sent and received by” Mr. Obama, “including exchanges with ambassadors.” Following increased attacks across Executive Branch departments and agencies, Mr.…

Continue Reading....

Cyber Attack Immobilizes Dutch Government Websites

As reported by the BBC, most of the Dutch government’s websites were rendered inoperable after a successful distributed denial of service (DDoS) cyber-attack on Tuesday, when servers were flooded with traffic, rendering the sites virtually inoperable.  A number of private sites were also breached, and the attack also affected communications provider Telford.  As the BBC noted, these attacks “highlighted the vulnerability of public infrastructure.” An official from the Dutch Government Information Service, Rimbert Kloosterman, remarked that the complexity and size of the government’s websites had…

Continue Reading....

Hacker Gains Control of German Steel Mill Operations

The  German Federal Office for Information Security (BSI) has issued a report revealing that a sophisticated hacker was able to take control of a steel mill’s computerized production system, forcing an unscheduled shut-down that caused “massive damage” to the physical plant. By using targeted emails, known as “spear phishing,” employees were tricked into opening messages that extracted login names and passwords and transmitted that information to the hacker without detection. The hacker, in turn, used the data to gain limited control of the…

Continue Reading....

Mandatory Reporting and “Cyber Mission Forces” Created in 2015 National Defense Authorization Act (NDAA)

Beyond appropriating $560,000,000,000 for military spending for 2015, the Defense Authorization Act passed this month expands the role of the military in wide range of areas, including strategic programs in outer space, budgeting and accounting for a new “cyber mission” major force program category, and new mandatory reporting of “cyber incidents” by government contractors and agencies. Title XVI, Subtitle C of the Senate Amendment to H.R. 3979, “Cyber-Related Matters,” first directs the Secretary of Defense to submit with the 2017 budget a new program for…

Continue Reading....

Lawsuits Follow College’s Untimely Notifications – Can’t Blame the Dog…

Last year, the Maricopa County Community College District suffered a data breach in April, but waited until November before advising former students and employees that their academic and/or personal data may have been compromised.  Approximately 2.4 million people were impacted by this breach, or roughly the population of Pittsburgh, Pennsylvania.  Among the data that may have been breached were social security numbers, dates of birth, and bank account numbers. Recently, a current student of Phoenix College sued the College District in Maricopa County Court, making…

Continue Reading....