Free Republic

In what is suspected to be the biggest data leak case in the country so far, details of 81.5 crore Indians with the Indian Council of Medical Research (ICMR) are on sale. Given the grave nature of the incident, India’s premier agency Central Bureau of Investigation (CBI) is likely to probe the matter once ICMR files a complaint. A ‘threat actor’ with a handle on X, formerly Twitter, has advertised the database in the breached forum on dark web which involves records of 815 million Indian citizens — Aadhaar and passport information along with names, phone numbers and addresses. The...

Uber's former head of security, Joe Sullivan, was found guilty of obstructing an investigation by the Federal Trade Commission into Uber's security practices on Wednesday. He was also charged with hiding a 2016 data breach from authorities. This serious offense could have far-reaching implications for other Chief Information Security Officers (CISOs)- especially on the outsourced fractional/virtual CISO business model.

According to Security Magazine, there are an estimated 2,200 cyberattacks each day in the United States. That amounts to around 91 attacks every hour or one attack every 39 seconds. In 2020, the average cost of responding to a cyberattack to businesses of all sizes was estimated to be $3.86 million. As our work, school, and healthcare moves online, the need to prevent cyberattacks will become more pronounced. Recognizing the significant threat cyberattacks pose, a bipartisan group of U.S. Senators, led by Senator Mark Warner (D-VA), introduced the Cyber Incident Notification Act (CINA). While the bill fails to provide comprehensive...

America’s state and local governments should be wary of who they invite to invest in their communities. China has proven over and over that its investments come with strings attached. The line between Chinese business investment and Chinese government interference is murky. Communist China keeps a much heavier thumb on its citizens and businesses than the United States—and can compel its companies that do business in America to share customers’ personal data.By law, China requires its companies to divulge information deemed necessary for national security. And in China, national security means whatever the Chinese Communist Party wants it to mean....

FRANKFURT (Reuters) - A user of Amazon’s Alexa voice assistant in Germany got access to more than a thousand recordings from another user because of “a human error” by the company. The customer had asked to listen back to recordings of his own activities made by Alexa but he was also able to access 1,700 audio files from a stranger when Amazon sent him a link, German trade publication c’t reported. “This unfortunate case was the result of a human error and an isolated single case,” an Amazon spokesman said on Thursday. The first customer had initially got no reply...

At the end of her two-day visit to China, German Chancellor Angela Merkel on Friday called for better data protection assurances for German firms in future cooperation with Beijing. “Data is a deciding factor, and for companies data protection is naturally also fundamental,” she told reporters during a visit to the southern city of Shenzhen — China’s Silicon Valley. Merkel said that during her talks with Chinese leaders on Thursday in Beijing, she spoke “critically” about China’s cybersecurity law, saying it lacks protection for companies’ intellectual property and raises human rights concerns. […] In earlier talks with Chinese Premier Li...

OneLogin is reporting its recent data breach was made possible when a hacker obtained access to a set of Amazon Web Service keys through a third-party vendor. With this, the hacker was enabled entry into its U.S. data center compromising all its records.

The days of hand written letters and notes is over, it’s all digital now. As such, we find ourselves in a weird position where our private thoughts aren’t sealed in an envelope, but basically handled in an accurate version of “telephone” by third party companies on the honor system that they won’t reveal them. The problem isn’t companies accessing what we voluntarily give them, it’s the sense of entitlement to that information the government has.The Internet is the greatest advancement in communication in human history; it’s also a potential invasion of privacy that would make George Orwell declare it implausible....

Precision Medicine Initiative and Data Security | whitehouse.gov (05/25/2016 White house decree) https://www.whitehouse.gov/blog/2016/05/25/precision-medicine-initiative-and-data-security?mkt_tok=eyJpIjoiTVRFNE1Ua3laRGRqTlRZMyIsInQiOiJ1R1VHbTk3M2o5NmhHSFQrOHNYdXZKakE4OW1tWTJlSUszSThzbnRnRkNlSGZjK2VCREJGWG5xemdyanpIQUdLU3pJSjBHYTdZd2hPUERUdmliaVBMZjA3SjNUYVY2WUt2Z1pTS0xXdTNqcz0ifQ%3D%3D Precision Medicine Initiative and Data Security May 25, 2016 at 3:00 PM ET by Secretary Sylvia Mathews Burwell, Lisa O. Monaco Twitter Facebook Email Summary: Today, we are pleased to release the final Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision Medicine Initiative (PMI).     “We’re going to make sure that protecting patient privacy is built into our efforts from day one.”     - President Barack Obama, January 30th 2015 The health care system of the future is taking shape right now, and...

The Obama administration is moving ahead with controversial new rules that require doctors to switch to electronic health records or face fees, resisting calls from both parties to delay implementation. Federal health officials said the final rules released Tuesday will make “significant changes" in the "meaningful use" electronic health records program, such as lowering the number of standards each provider must meet and allowing providers to apply for hardship exemptions. But the administration will not delay what it calls "Stage 3" of the records program, a move that is already angering vocal Republicans like Sen. Lamar Alexander (R-Tenn.), who have...

Attention, parents: Have your little ones been subjected to "TS Gold" in school yet? If you care about student privacy, data mining and classroom intrusions, you might want to start asking questions and protecting your children now before it's too late. What's happening here in Colorado with this onerous testing regime is happening everywhere. Informed families and teachers from all parts of the political spectrum agree: It's a Big Government/Big Business "gold" rush you don't want to join. "TS Gold" stands for Teaching Strategies Gold. This "school readiness assessment system" was mandated in our state several years ago. It has...

ARMONK, NY — IBM inventors have received a patent for a breakthrough data encryption technique that is expected to further data privacy and strengthen cloud computing security. The patented breakthrough, called "fully homomorphic encryption," could enable deep and unrestricted analysis of encrypted information — intentionally scrambled data — without surrendering confidentiality. IBM's solution has the potential to advance cloud computing privacy and security by enabling vendors to perform computations on client data, such as analyzing sales patterns, without exposing or revealing the original data. IBM's homomorphic encryption technique solves a daunting mathematical puzzle that confounded scientists since the invention of...

There are many reason I don’t like Obamacare, including its punitive impact on taxpayers and the way it takes our healthcare system even further from a market-based approach. But now I’m increasingly worried Obamacare also is creating a playground for hackers and identity thieves – and the rest of us will be the victims. Simply stated, the results probably won’t be very pretty when you mix together these two items. 1) Typical government incompetence. 2) Massive data collection by government. I pontificate on these issues in an interview with Neil Cavuto. Dan Mitchell Discussing How the IRS and Obamacare May...

Using executable program files to hide data with steganographySteganography is a form of security through obscurity in which information is hidden within an unusual medium. An artist might paint a coded message into a portrait, for instance, or an author embed words in the text. A traditional paper watermark is a well-known example of steganography in action. At first glance, there would appear to be nothing unusual about the work, but a recipient aware of the presence of the hidden message would be able to extract it easily. In the computer age, steganography has become more of a science than...

HIMSS Analytics (short for Healthcare Information and Management Systems Society); a “think-tank” for the healthcare management world has just released the 2008 HIMSS Analytics Report: Security of Patient Data. release info. This report examines the security of patient personal identifying information (PII) and protected health information (PHI). In the current data breach crazy world, this is a timely report which tries to get beneath the surface of the needs of health professionals to balance quick access to secure patient health records and the need to protect not only patient privacy but prevent access to information which could lead to identity...

Deloitte loses McAfee employee data by Antony Savvas Monday 27 February 2006 McAfee's auditor Deloitte & Touche USA LLP has lost an unencrypted CD containing the personal details of more than 9,000 of its employees. The auditor lost the CD when one of its employees left the disc in the back of an airline seat. Security software company McAfee was informed of the incident by Deloitte on 11 January, almost a month after the disc was lost. The disc was lost last December and McAfee has just finished sending out warning letters to the employees and former employees affected. The...

The Trusted Computing Group has released a specification for servers with a special security chip, which the industry group says will better protect data and transactions. At the heart of the blueprint for "trusted servers" is the Trusted Platform Module, a chip that stores digital keys, certificates and passwords. The TPM is already used in PCs. More than 15 million "trusted clients" have been shipped by PC makers such as Hewlett-Packard and Dell, according to the TCG. Computers with the security chip can wall off data, secure communications and identify systems belonging to the company or to business partners. Servers...

The retail finance division of Citigroup has admitted that a backup tape containing personal information on almost 4 million customers has gone missing. The United Parcel Service lost the tape on May 2nd, and it hasn't been seen since. CitiFinancial only noticed the tape was missing on May 20. The tape contains Social Security numbers and transaction histories on both open and closed accounts at the bank’s lending branches. Citigroup says it has no reason to believe the tape has been stolen, but alarmingly, the tape hasn't shown up at any UPS depot despite six weeks of searching. The company...

More credit, mortgage and tax files are being handled abroad. Nothing suggests your data are more vulnerable -- but an identity thief 10,000 miles away is virtually untouchable. Your best friend may not know how much you made last year or whether you've been late with a credit-card payment -- but an office worker in India might. Tax returns, mortgage applications, even credit-bureau files are among the sensitive financial data that cost-conscious American firms are quietly shipping overseas. Consider: As many as 500,000 U.S. tax returns could be prepared in India next year, says tax outsourcing expert Gary Boomer of...

Hacker Breaches T-Mobile Systems, Reads US Secret Service Email By Kevin Poulsen, SecurityFocus Published Wednesday 12th January 2005 09:47 GMT A sophisticated computer hacker had access to servers at wireless giant T-Mobile for at least a year, which he used to monitor US Secret Service email, obtain customers' passwords and Social Security numbers, and download candid photos taken by Sidekick users, including Hollywood celebrities, SecurityFocus has learned. Twenty-one year-old Nicolas Jacobsen was quietly charged with the intrusions last October, after a Secret Service informant helped investigators link him to sensitive agency documents that were circulating in underground IRC chat rooms....