

Real World Security – Ed Bellis interview

Dennis Fisher talks with Ed Bellis, CISO of Orbitz Worldwide, about the security challenges facing a Web-based business, the value of software security initiatives and the joys of compliance in today’s regulatory environment. Listen to the podcast. Read the transcript.

DBA Convicted of Hacking GEXA Energy

Steven Jinwoo Kim, 40, a DBA, has been convicted of hacking his former employer, GEXA Energy, following his guilty plea to intruding into his employer’s computer database system. Read the full article. [Databreaches.net]

MassMutual Employee DB Hacked

MassMutual officials this week confirmed that one of its employee
databases was accessed by an unauthorized person or persons, exposing
an unknown number of employees’ personal data for a
yet-to-be-determined amount of time. The Springfield, Mass.-based insurer said the compromised
database was being maintained by an unidentified, third-party vendor
and contained “a limited amount of personal employee data.” Read the full article. [internetnews.com]


The four men whom a federal grand jury indicted this week for their alleged roles in a scam that stole millions of dollars from RBS WorldPay were no fools. The small crew of hackers had a distinct division of labor, operated with skill and efficiency and left one of the world’s larger banks holding the bag.

U.S. and international prosecutors have taken down a criminal ring that they allege was responsible for an ATM scam last year that stole about $9 million from RBS WorldPay. The criminals were able to evade the company’s encryption system used on payroll debit cards and withdraw money from ATMs in 280 cities around the world.

A team of Catalan researchers has developed a protocol to distort the
user profile generated by Internet search engines, in such a way that
the engines cannot save the searches undertaken by Internet users, thus
preserving users’ privacy. Read the full story. [Science Daily]

Federal authorities on Wednesday filed intrusion charges against two
men accused of accessing the computer systems of their former employer. Scott R. Burgess, 45, of Jasper, Indiana, and Walter D. Puckett, 39,
of Williamstown, Kentucky, both worked as managers for Indiana-based
Stens Corporation until taking jobs with a competing company in Ohio,
according to an indictment filed in federal court.

Individual data compromised in a data breach is four times more likely to be used for identity theft, finds Javelin Research in a multi-year study. Another key finding cited: Most consumers do not see the link between breaches and identity theft. “[D]espite 19.5 percent of breach victims
suffering some kind of fraud in the past year, only 2 percent attribute
their fraud to the breach.” Read the full article. [Dark Reading]

Martin Quoc Pham, 28, of Garden Grove was sentenced by a judge to 11 years in federal prison for spearheading an identity theft ring targeting home equity lines. The compromised accounts of JP Morgan Chase customers were fraudulently accessed and lines of credit were stolen, including nearly $1 million that was transferred to accounts controlled by the ring.