Default title

BREACH REPORTING

IN THE UNITED STATES REPORTING IS MANDATORY

In the US reporting is mandatory within 30 days of a data breach.

There are also certain laws requiring various notification methods to alert affected individuals given the scope of the release.

In Canada we have no such reporting requirements and therefore have no way of knowing how breaches that a Canadian Company may experience line up with the American experience.

Identity Theft Resource Center has released its 2015 Current Summary and the data we take from it is very interesting. The number of records released from Healthcare related organizations constitute the largest amount of released records however the Business Category represents the most breaches.

Canadians tend to follow closely with our neighbors to the South and as such it is suspected that our results would be similar if mandatory reporting existed here.

Official source ITRC Report

RECENT THREAT POSTS

- Lindsey O'Donnell

The FTC has banned the sale of three apps - marketed to monitor children and employees - unless the developers can prove that the apps will be used for legitimate purposes.

- Tara Seals

The Qode Instagram Widget and Qode Twitter Feed both have bugs that could allow redirects to malicious sites.

- Lindsey O'Donnell

Karsten Nohl, who was behind this week's research that outlined new eavesdropping hacks for Alexa and Google Home, says that privacy for smart home assistants still has a ways to go.

- Tara Seals

The Magecart splinter group known for supply-chain attacks appears to be tied to advanced threat actors.

- clare

A survey of nearly 300 Black Hat conference attendees this year showed strong agreement that service accounts are an attractive target.

- clare

By monitoring their environment, companies can be ready to take action if any weakness – usually a software vulnerability – is found.

- Elizabeth Montalbano

A report by HP found that most people admit to looking at others’ computer screens and documents in the workplace while still keeping their own privacy top of mind.

- Tara Seals

A host of new features have been added to the malware.

- Lindsey O'Donnell

The travel reservation data, along with personal details, of hundreds of thousands was discovered in a database exposed online for all to see.

- Tara Seals

The Russian-speaking APT stole the Neuron and Nautilus implants and accessed the Iranian APT's C2 infrastructure.

Archives

Leave a Reply

Your email address will not be published. Required fields are marked *