Commentaries and Analyses

Leahy’s data breach bill’s flawed assumptions

The chairman of the powerful U.S. Senate Judiciary Committee, Sen. Patrick Leahy, is trying—after two failed attempts—to get his data breach bill made into law. But even though his bill would answer the pleas of many retailers by creating one single national standard for handling major retail data breaches, the bill’s details don’t deliver...

Credit industry slow to protect customers from CreditMaster scam

Recent cases in which people have been charged with online fraud for allegedly making purchases with illegally obtained credit card numbers have shed light on the lack of effective measures taken to frustrate the CreditMaster scam used in these incidents, even though the credit card industry was already aware of its existence. The industry...

Germany adopts stricter data protection law

On July 3, 2009, the German Federal Parliament passed comprehensive amendments to the Federal Data Protection Act (the “Federal Act”). These amendments also passed the Federal Council on July 10, 2009, and the revised law will enter into force on September 1, 2009. The new amendments cover a range of data protection-related issues, including...

Details of 10,000 MS workers among stolen data

Last week, this site reported on a story from Times Online about the new Lucid Intelligence database of identity details that had been found up for sale by cybercriminals. The database consists of 120 million records on 40 million people worldwide, compiled by identity theft expert Colin Holder and others. Users can conduct a...

GAO report: persisting info sec weaknesses

From the Summary of GAO-09-546 July 17, 2009, Information Security: Agencies Continue to Report Progress, but Need to Mitigate Persistent Weaknesses : Persistent weaknesses in information security policies and practices continue to threaten the confidentiality, integrity, and availability of critical information and information systems used to support the operations, assets, and personnel of...