Protecting your sensitive data for over 20 years - Netlib

Friday, March 7, 2014

Data Security's Biggest Problem - Employee Education

The Iowa DHS Breach is a great example of how employees need to be educated on the ways to stay secure. It also highlights how hard it is for a company to stay compliant: a company may do all the right things to become compliant, but it is really hard to stay that way when you have so many variables.

Making sure your employees are educated should be one of the first priorities once you have become compliant.

http://www.cbs2iowa.com/news/features/top-stories/stories/iowa-dhs-data-breach-personal-info-25429.shtml

Is a Data Breach a Data Breach?

OK, so Johns Hopkins didn't lose any SS #'s or CC #'s, but the fact that they lost any data should be the concern.
It only takes one hole in the network for a hacker to access the entire network, and once in, who knows what they can find.

The real story here is that they found a way in ...... a small way in, but a way in nevertheless.

http://www.wbaltv.com/news/fbi-probes-johns-hopkins-university-data-breach/24858850

Simple As Peanut Butter & Jelly...... That's What the Hackers Are Saying Now

Let's hope the data is too sticky and the hackers get caught with jelly on their hands.

That is what management at Smucker's is hoping right about now, as they become the latest in the long line of companies to get hacked. I do start to sound like a broken record, but if they had encrypted the data at rest or encrypted the columns that contain CC info this wouldn't even be a story.

http://www.infosecurity-magazine.com/view/37342/stuck-in-a-jam-smuckers-suffers-data-breach/

When Hardware Is Stolen, Is It a Breach?

Oak Associates had a "device" stolen that had sensitive data on it; now they need to notify everyone and take whatever fines get handed out.

At some point all the devices that store or connect to sensitive data need to be secured. A simple policy for devices is that they need to be connected to the network for the data to be accessible. Is it inconvenient .... maybe ....... but we need to work for the greater good.

http://www.esecurityplanet.com/network-security/oak-associates-funds-admits-data-breach.html

Should different types of organizations be held to a different Data Security Standard?

In the UK an abortion provider has been fined £200,000 for a breach that happened in March of 2012. They are planning on appealing the fine as they believe it is "out of proportion". So what is out of proportion? The fine, or the fact that we hold the type of information they store to a higher protection standard?
The abortion industry is highly criticized and in the public eye all the time; based on the information that they store, they should be held to a higher standard for data protection.

http://www.bbc.com/news/health-26479985

Data Breach & Unnecessary Burdens

What am I missing here? "Data and security breach notification rules must not place unnecessary burdens on businesses, says expert" (http://bit.ly/1bRPTH1). I go on your website and buy a Han Solo figurine for my desk; it looks great on my desk. You say your site is secure and I'm happy with that, then when you lose all my info you complain that there are too many notification rules.
Wouldn't you expect the same if it was your information that was lost? Just securely encrypt all of the data and you won't need to worry about notifying anyone.

Thursday, March 6, 2014

Credit Card Data Not Encrypted Again!! - Uncle Giuseppe's Marketplace Breach

When will people learn that if you store your credit card info in plain text you are asking for trouble? This will not be the last time this happens, but maybe some retailers will start to listen and protect the data at rest.

IF YOU STORE MY CC INFO PLEASE PROTECT IT.

Data Protection Standards are a must - Congress needs to act Fast

Congress can talk to as many experts as they can find; some of them may even have an original thought about data protection. I believe that at the end of the day there really are some simple guidelines that need to be put in place to create an effective Data Protection Standard.

Econofoods Breach

With breaches happening on a daily (if not hourly) basis it is no surprise that another retailer goes down. Econofoods (http://bit.ly/1l3bMpm) is the latest in a list of retailers to lose CC info. It makes you wonder why they don't just spend the few bucks they need to encrypt all the data. This shouldn't be a requirement for compliance; it should be STANDARD in the way retailers do business.
Encryption is not an expense, it's a required cost of doing business.
Don't become one of the next retailers to go down: encrypt your data now.

A Diary of a Hacker - Who to Hack?

Do they have targeted lists to go after or is it just random?

I'm sure only a hacker could really answer the question, but it is safe to assume that they look at companies the same way we do: who has the most PII data that they can get easily? Right now they are looking at universities & healthcare and all they can do is smile; it seems they are the most vulnerable right now.

http://triblive.com/news/adminpage/5717110-74/employees-upmc-theft#axzz2vDFXFi4l

Educate the Educators - NDUS 2nd University in as Many Weeks to Be Breached

Now this is what we think of when we hear about a hack......... a server containing PII was hacked, not stolen or thrown away by accident. The best part is it happened a month ago and we are just hearing about it today.

Do You Buy Insurance For Your House But No Locks For The Doors?

I get it, cyber insurance is the next great business opportunity; it may even save some companies a great deal of money. But remember, with all insurance policies there are always ways for the insurance company to not pay. While I have no knowledge about how the policies are structured, I am sure they won't just pay out claims if you are not trying to stop the breaches.
So the need for proper security measures will always be present.

http://www.cioinsight.com/security/slideshows/what-to-do-after-a-security-breach.html/

Wednesday, March 5, 2014

Beauty comes with a cost you may not be aware of.

The list of retailers that have had breaches is long, and Sally Beauty just joined in on the party. 282,000 stolen debit and credit cards have been posted for sale. Please, can someone wake these retailers up and educate them in the ways to secure credit card information? Can they just encrypt the data at rest to start with?

http://www.businessweek.com/articles/2014-03-05/sally-beauty-data-hack-another-day-another-retailer-in-a-massive-credit-card-breach

Target CIO Resigns...Did She Really Have a Choice?

After one of the largest breaches in US history, one that lost the personal data of tens of millions of customers, it is not really surprising that one of the top executives from the company would fall. We can't really blame her for leaving; after all, the buck does stop with her.

http://adage.com/article/cmo-strategy/target-cio-resigns-wake-data-breach/291987/

Credit Unions Have Your Back, But Who Has Theirs?

When a breach happens and it is no fault of the card-issuing banks or credit unions, who takes the biggest hit? Well, the multi-million dollar banks have deep pockets and will happily refund any nefarious activity on your accounts; your small credit unions will always do the same, but when they reissue your card it is a cost they must eat.

There are no rules in place to make the offending merchant liable for any of these costs. Unless there are changes made to these rules, the smaller banks and credit unions will have no choice but to charge higher fees or just go out of business.

http://thehill.com/blogs/congress-blog/technology/199856-credit-unions-and-their-members-pay-a-steep-price-after-data

There's a Bright side to Data Breach?

Google Results: The Bright Side of a Data Breach?

Google is saying that when you get breached your page rankings go up and it could boost sales. In this article they use Target as an example....... doesn't everyone know who Target is? Don't they already rank 1 or 2 in a search?

All the money you lose in negative publicity and fines is going to be made up in higher page rankings .....hehehehehe. What a joke.

FYI, a month after your breach your page ranking will more than likely start to slip back to normal, so make the most out of the sales you get in that month.



Faxes are the most secure way to communicate .......REALLY!

I need to verify that you are in the hospital, so I send a fax with all your sensitive details on it to the hospital; the hospital then just checks a box to say if you are still admitted or discharged.

REALLY ..... this is the most secure way to gather that info? Try maybe an email with a case number and the last 4 of your SS#, or maybe pick up the phone to verify. You know, it would also be really cool if the insurance companies could submit a request in the hospital's medical system.

So many other options to send sensitive data ....... but a fax?

The Desolation of Fraud

In this day and age, the need for solid security is more vital than ever, and its importance shouldn’t be underestimated.  Even the dwarves of Erebor knew to protect their treasure horde with the most stalwart defenses imaginable, sealing off even the back entrance into the Lonely Mountain with a door whose keyhole would only be visible when the thrush knocked and the door was struck by the setting sun with the last light of Durin’s Day, the first day of their new year.  Not an easy defense system to crack!

Congress Working at Glacial Speeds.....Again!

Congress will again today hear from top law enforcement, consumer advocacy and industry experts regarding data security. It is the 5th such meeting since the Target breach in 2013; so far they have taken some breaks, ordered some lunch and CREATED ZERO laws, bills or any government-related regulations.
In the meantime we have companies out there losing data on a daily basis. How many INDUSTRY EXPERTS do we need to hear from to understand that the system is broken and more congressional meetings will not solve any problems?

To add insult to injury ...... the House Science Committee is having a session on Thursday regarding data privacy. You might say great, they are all trying to get something done. But the two groups don't speak to each other; they are completely different people in each group, and if they ever wanted to discuss their findings they would schedule a NEW MEETING.


http://thehill.com/blogs/hillicon-valley/technology/199896-overnight-tech-data-breach-talks-back-in-congress

Students Express Disbelief

A quote from a student at UMD: “This is such an established university. I thought, ‘How does this happen?’” (http://bit.ly/MgfqNA) Really ....... some of the biggest banks and companies in the world have been hacked, and they have endless funds to prevent this type of thing from happening. Why would you think that a university that has limited funds and for years has never had to worry about DATA Security would be more secure?
I would say universities are low-hanging fruit for a hacker.

Zevin Asset Management Acknowledges Data Breach

Once again we talk about the lack of employee education. In this breach (http://bit.ly/1gSMJlA) it came down to an employee just posting information where they shouldn't have. It's a simple solution ....education. Once the company puts simple guidelines in place, educating your employees on best practices is easy.

Tuesday, March 4, 2014

The Next Big Threat In 2014?

While the next obvious data breach will come by way of a retailer or bank or something along those lines, as pointed out by Kaspersky Lab (http://bit.ly/1dX2pUv), one of the most damaging breaches comes by way of an application hack, giving the attackers the ability to get the source code, embed code into the program or, worse yet, compromise the user data. Encryptionizer for application developers can help you protect all your source code from any prying eyes ( http://bit.ly/1edeUGO ).

Issuing New Credit Cards with Chip Technology - Premature?

I give the banks credit for issuing these types of cards for extra protection.

My question is: where can I use it?

I'm not sure we are quite there yet. I know in other parts of the world chip technology in CC's is old news and standard, but here in the US most of the POS devices still can't handle the chips, so the extra security really is pointless as they still use the magnetic strip on the back of the cards.

Until our POS devices are converted to handle the chips it will be just a great decoration on your card; until then you can go to a party and say "look at my new CC with the chip......isn't it cool?"

http://www.dailyprogress.com/workitcville/news/virginia-credit-union-issues-credit-cards-with-chip-technology/article_1c115ba4-a3e5-11e3-bbba-001a4bcf6878.html

Eating, Sleeping & Identity Fraud Are All Part of Our Lives

It is a little crazy to believe that identity fraud could be stopped with a few firewalls and encrypted databases. The more we move to a mobile life, the better the chance you will become a victim of identity fraud. It is the new way of life that we all need to accept.

http://securitywatch.pcmag.com/identity/320763-identity-fraud-it-s-here-to-stay

Database Encryption for Physical, Virtual, & Cloud Environments

YOUR CHALLENGE
The shift to make businesses more competitive means that critical data must be available and secure in the Physical, Virtual and Cloud environments. Organizational effectiveness is directly related to performance of applications and the database systems delivering the data. Security and compliance initiatives have historically had a negative impact on performance levels, leading to increased labor cost and slowed client transactions. Current practices focus on Perimeter Protection - firewalls,

Your Bank Is Like a Piece of Swiss Cheese

Warning, Not Safe For Your Eyes.........Your bank has a lot of holes for data to slip out (http://bit.ly/1k5i7R7). Most banks use large amounts of vendor software; while they do test most of it, it only stands to reason that they can't check all of it. Banks need to secure this data step by step. The first step is to encrypt the data where it resides; once this is done, other applications would need to be fully vetted to gain access to the data. Don't rely on the vendor to be secure, make yourself secure first.
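The Smucker's post above and this one come back to the same fix: encrypt the card-number column where it resides, so that a copied table or a leaky vendor application sees ciphertext rather than card numbers, and only code holding the key can get the PAN back. The Go program below is an added example written for this page; it is not Netlib's or Encryptionizer's code. It uses AES-256-GCM from the Go standard library, binds each cell to its row's order id so a value pasted into another row will not decrypt, stores only the ciphertext and the last four digits, and runs a Luhn check before storing. The key source is an assumption (a real deployment would fetch it from a KMS or HSM; here one is generated in memory), and the order id and the card number 4111 1111 1111 1111 are constructed sample values (a standard test number, not a real card).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// CardRecord is the constructed shape of one row in an orders table. Only the
// ciphertext and the last four digits are persisted; the full PAN never
// reaches storage in the clear.
type CardRecord struct {
	OrderID   string
	Last4     string
	PANCipher string // base64(nonce || AES-256-GCM ciphertext+tag)
}

// ColumnCipher holds the AES-256-GCM key dedicated to one sensitive column.
// Assumption: in production the 32-byte key comes from a KMS or HSM.
type ColumnCipher struct {
	aead cipher.AEAD
}

func NewColumnCipher(key []byte) (*ColumnCipher, error) {
	if len(key) != 32 {
		return nil, errors.New("column key must be 32 bytes (AES-256)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &ColumnCipher{aead: aead}, nil
}

// Seal encrypts one cell under a fresh random nonce. The row's order id is
// bound in as associated data, so a ciphertext copied into another row fails
// authentication instead of decrypting to someone else's card.
func (c *ColumnCipher) Seal(plaintext, orderID string) (string, error) {
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return "", err
	}
	sealed := c.aead.Seal(nil, nonce, []byte(plaintext), []byte(orderID))
	return base64.StdEncoding.EncodeToString(append(nonce, sealed...)), nil
}

// Open reverses Seal; it fails on a wrong key, a wrong order id, or any
// modification of the stored value.
func (c *ColumnCipher) Open(encoded, orderID string) (string, error) {
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", err
	}
	ns := c.aead.NonceSize()
	if len(raw) < ns {
		return "", errors.New("stored value too short to hold a nonce")
	}
	plain, err := c.aead.Open(nil, raw[:ns], raw[ns:], []byte(orderID))
	if err != nil {
		return "", err
	}
	return string(plain), nil
}

// LuhnValid rejects mistyped card numbers before anything is stored.
func LuhnValid(digits string) bool {
	sum, double := 0, false
	for i := len(digits) - 1; i >= 0; i-- {
		if digits[i] < '0' || digits[i] > '9' {
			return false
		}
		d := int(digits[i] - '0')
		if double {
			if d *= 2; d > 9 {
				d -= 9
			}
		}
		sum += d
		double = !double
	}
	return len(digits) > 0 && sum%10 == 0
}

// StoreCard builds the row that would be written to the database.
func StoreCard(c *ColumnCipher, orderID, pan string) (CardRecord, error) {
	digits := strings.ReplaceAll(pan, " ", "")
	if len(digits) < 13 || len(digits) > 19 || !LuhnValid(digits) {
		return CardRecord{}, errors.New("not a plausible card number")
	}
	enc, err := c.Seal(digits, orderID)
	if err != nil {
		return CardRecord{}, err
	}
	return CardRecord{OrderID: orderID, Last4: digits[len(digits)-4:], PANCipher: enc}, nil
}

func main() {
	key := make([]byte, 32) // constructed in memory; a real key lives in a KMS/HSM
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	c, err := NewColumnCipher(key)
	if err != nil {
		panic(err)
	}
	pan := "4111 1111 1111 1111" // constructed test number, not a real card
	rec, err := StoreCard(c, "order-1001", pan)
	if err != nil {
		panic(err)
	}
	fmt.Printf("stored row: %+v\n", rec)
	fmt.Println("full PAN visible in a dump:", strings.Contains(rec.PANCipher, strings.ReplaceAll(pan, " ", "")))
}
```

The point of the associated data is the "vetted application" step in the post: a vendor tool that can read the table but does not hold the key gets nothing usable, and even a tool that does hold the key cannot swap one customer's ciphertext onto another order without the authentication tag failing.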

Get Your Nose Out of My Patient's Business

It is great to see the increase in healthcare IT spend (http://bit.ly/1heGvuC). 51% have increased their security budgets, but only 3% are using it to secure patient data ........Huh? What other data are you trying to protect? Patients are your business and should be the focus and the priority for all data security. When talking about health care data, all data should be encrypted for the good of the patient, not for the good of the company.
Encrypt your data everywhere.

Nonprofits Brace for Data Breaches

Yes, even the charities of the world are potential victims in this ever-growing ocean of data breaches (http://bit.ly/1hhlwbQ). We see large companies taking breaches and continuing business as usual the next day; that can't be said for an organization that survives on donations. It would be a hard lesson to learn for a nonprofit to be breached, and that is why they need to be very careful with all the data they store, and encryption is a must.

Department of Veterans Affairs gets data breach warning?

Let me understand this correctly......... the VA was given a warning the breach would happen and still did nothing about it??? Let's do a quick poll of all the companies out there that have been hacked and ask them, if they were given a heads up, what would they do?

I would bet they would do anything to get that sort of info, so where does this leave the VA? I would say they need to be seriously dealt with. To ignore rules and regulations (FIPS 140-2, HIPAA, PCI ........) is one thing, but to ignore a serious vulnerability in your IT infrastructure when you have been given a warning ....... what should the punishment be?

BREAKING DATA NEWS ALERT - UMD Is Offering One Year of Free Credit Protection

While one year of credit monitoring is a wonderful gift for attending UMD (http://bit.ly/1bzhcFi), it still shows how organizations are still not protecting the PII data they hold. Until they secure all sensitive data this will be a common gift given to all victims.
So when is credit monitoring just going to be given to everyone as a standard? Clearly they are willing to spend money on that and not on encryption.

HIPAA Audits to Resume?

So they are going to start audits again (http://bit.ly/1k62jO2)...... this is a great example of how the government works. They say to everyone that they must be HIPAA compliant, BUT we are not going to check up on you. If you put rules in place you should be checking all the time, otherwise there is no point to the enforcement of those rules. Really not sure what the hold-up is on these audits; we need to make these organizations accountable if they are not compliant.

Witnesses Tell CA State Needs Stiffer Breach Penalties - HUH?

Not sure I really understand this title - "Witnesses Tell California Lawmakers State Needs Stiffer Breach Penalties" (http://bit.ly/1k5Sb7K). I agree 100% on the topic of the article, but the title is strange: who are these witnesses....... the whole state of CA....everyone that has ever been involved with a hack? I understand that the whole country needs tougher penalties for breaches; the title still confuses me.

Congress - Growing Data Breaches Loom

Wait, news flash: Congress just realized that there is a growing data breach problem looming over the nation. Now how long will it take them to pass some sort of laws to help with it? How many more breaches will there be before they put some real notification laws in place? http://bit.ly/1ch2JJt

HIPAA Fines Hidden in Plain Sight

YES, the Fed will only fine you $1.5 million per year for a breach, but it doesn't stop the state and local governments from placing fines on you as well. One of the most important parts regarding the fines is that the Fed will stop at $1.5 m per year, but the same is not to be said for everyone else that can fine you. There is a simple answer: protect your data, use encryption.

Healthcare needs HIPAA education

HIPAA breaches come in all different shapes and sizes (http://bit.ly/MUVEbf), but the most common element in all of them is employees. Healthcare organizations are required to become compliant with the HIPAA regs, which are hard enough to decipher; the missing step was the education of the employees on what to do and what not to do with electronic records. It's not completely the healthcare companies' fault; after all, only 1% of the industry is IT.

“But I would like to feel protected by my university.”

From what I can gather, some of the former students didn't get notified of the breach. Now some of the current students are saying “But I would like to feel protected by my university.” I hate to give you the bad news, but today's universities need to spend a little money and secure the data they collect.

Start-up Question - Security or Growth?

This is a puzzling question, as there is really only one answer and it should not be questioned.

That is of course BOTH security & growth. We all know that start-up money is hard to get and even harder to spend wisely. There is no easier way for a company to fall rapidly than to lose all of their customers' data, so why would you skimp on security when it could be your company's downfall?

http://www.todayonline.com/tech/start-ups-rush-lock-security-door-after-horse-has-bolted

Data Breaches Cause a Hiring Spree

Breached - Now Hiring

With all of these breaches, companies are now scrambling to hire IT professionals, but buyer beware: rushing to hire so-called "security experts" in the IT space should be done with caution. Internet security is always changing as the hackers find new ways to attack; "security experts" need to be chameleons in the way they address breaches and the possibility of future attacks.

Monday, March 3, 2014

HHS "Who Should We Audit?" You Tell Us!

HHS (Department of Health and Human Services) to Conduct Survey About Which HIPAA (Health Insurance Portability and Accountability Act) Covered Entities and Business Associates Should Be Audited.
Why are they not auditing everyone? It just doesn't make sense. If you have a breach at a large company or at several small companies, doesn't it all equal the same thing? You have medical records of patients out in the world somewhere.

How Can the PCI Compliance Program Evolve?

There is a laundry list of big retailers that have become victims of data breaches; Target is just the latest on the list and Neiman Marcus may be joining at any minute.

Not being PCI compliant is the most common factor in all of the breaches, while being compliant does not guarantee that it will stop an attack from happening. But when that attack happens and you are in catch-up mode trying to get ahead of the breach, being PCI compliant may still help you.

Target - Lose $1 billion in revenues after Breach... then spend $100 million on some fixes

So I'm sure you know where I'm going with this post.......

Target takes a hit to their reputation, and they take a hit to revenues. They then spend $100 million on fixing security holes they may have; even after the breach there are some obvious issues they have addressed. But the question I ask them is: if you had spent a little money securing all the different points at which customer data is accessed or stored, this would be a different story.

http://risnews.edgl.com/retail-best-practices/Target-Invests-$100M-in-Data-Security91496?googleid=91496

1,700 Detroit employees' personal data breached

Detroit says a recent computer security breach affected files that contained personal identifying information of about 1,700 city employees.
City chief information officer Beth Niblock said at a news conference Monday that a city employee apparently clicked on a malicious software link in an email that released a code that froze access to numerous files.
Niblock says two files included information such as the names, birth dates and Social Security numbers for the current and former employees.

Read more here: http://www.mercedsunstar.com/2014/03/03/3526509/detroit-reports-recent-computer.html#storylink=cpy

As Data Security Grows More Complex, Snapchat is a Cautionary Tale

I have to confess, I am not a big app user. In fact, I can't recall the last time I made any such download, whether to my phone or iPad. This aversion doesn't merely stem from a lack of interest in their functions. Rather, I remember one particular time when I went to install a certain app, saw that it required full access to my phone and its data, and hopped right on the "nope" train. Now, maybe (probably) that was just me being paranoid, but when certain incidents make the news, you begin to wonder if your caution was warranted after all.


NHS patient data made publicly available online

The shambles that is NHS England's Care.data patient data sharing scheme suffered another blow this week as it was revealed that patient-level data was available publicly online.
Ben Goldacre has tweeted that Hospital Episode Statistics (HES) -- the pseudonymised data collected about patients when ........http://www.wired.co.uk/news/archive/2014-03/03/care-data-leaks

Minnesota Companies Will Notify You Within 48hrs of a Breach

This is a great start to help those affected when a company is breached and your data is lost. We still need to work on the prevention of data loss; as I have mentioned in a previous post, California has a great guideline to help handle breaches and the prevention of breaches.

The Minnesota bill:

http://www.bna.com/minnesota-breach-law-n17179882557/

California Guideline:

https://oag.ca.gov/cybersecurity

Senate, Retailers Push Data-Theft Law

Congress and the Obama administration are rallying retail-sector support for a national standard for companies to notify customers about data theft, but a government cybersecurity task force member says ambiguous language in bills might allow “a get-out-of-jail-free card” about when to warn consumers.

Recent FTC Ruling Could Cloud Data Security Enforcement

The arcane world of data security regulations just got a little more ambiguous.
In January, the Federal Trade Commission affirmed its authority to bring action against businesses that fail to adequately protect consumer data. The decision has particular implications for health care, as the case involved LabMD, a medical testing laboratory and a covered entity under HIPAA.  

BREAKING DATA NEWS ALERT - Is Your Ventilator or IV Leaking? Your Data, Of Course.

Experts Cite Medical Devices, Patient Portals Among Emerging HIPAA-HITECH Security Threats

Well, that's not what I was expecting when we talk about HIPAA violations. We all think that the typical breach comes in the form of a database being lost or stolen, but the bigger picture is that every device that connects to sensitive data needs to be secure.

If you start to think about the number of devices that are in a hospital, the number of security holes is endless.

Don't Blink or Your Identity Will Be Lost

Researchers say that every 2 seconds someone loses their identity, but wait, there is good news here.
Last year thieves stole only $18 billion compared to the previous year's $21 billion; it is safe to say that companies are starting to take notice and do something about it.

BREAKING DATA NEWS ALERT - "What's wrong with my friend" Healthcare Breach

"Health care workers potentially snooping into the electronic health information of friends, neighbors, spouses or co-workers."

While this is not the big data breach that we hear about in the news all the time, it is, however, classed as a breach under the HIPAA Omnibus Rule. These types of breaches have been going on for years and will continue until organizations put safeguards in place to stop this from happening. Make employees accountable for snooping on their friends and family.

BREAKING DATA NEWS ALERT - Your Mortgage Company Will Be Breached

Over 70% of mortgage lenders risk data breach
Does this really surprise you at all? I have had my dealings with mortgage companies just like most Americans. The way I have had to send info in to them via fax and other means still really just surprises me. It is not surprising that they still have practices that were in place 10 years ago. Time for them to change and catch up with the current electronic practices.

Sunday, March 2, 2014

California Gov Stands Out from the Crowd

While many states are getting hacked on a regular basis, and California is one of them, at least they are taking a proactive approach.
California has published a guideline that all states should take a look at and mirror where possible.