By: - Dir. Solutions Marketing

ZIP Codes Are … PII?!

April 15th, 2013

Mr. ZIP (or Zippy to his friends) was born back in July 1963 and the soon-to-be 50-year-old is finally getting some privacy … in Massachusetts at least. The Massachusetts Supreme Court recently determined that under Mass. Gen. Laws, ch. 93, § 105(a), “personal identification information” includes a consumer’s ZIP code and decided that collecting such […]



By: - Dir. Solutions Marketing

Uncle Sam Has Yet Another Data Protection Bill

June 25th, 2012

The latest attempt at creating a US Federal data protection / data breach notification law was recently introduced in the Senate. The “Data Security and Breach Notification Act of 2012” (S.3333) was submitted by Sen. Pat Toomey (R-PA) with the support of Sens. Olympia Snowe (R-ME), Jim DeMint (R-SC), Roy Blunt (R-MO) and Dean Heller […]



By: - Dir. Solutions Marketing

Change Your LinkedIn Password – Now!

June 6th, 2012

LinkedIn – the online professional networking site which I suspect many Optimal Security blog readers use – has apparently been hacked, resulting in something like 6.5M SHA-1 hashed passwords being posted in a Russian hacker site. This evolving situation will certainly be updated through-out the day (and beyond), so I don’t want to recap the […]



By: - Dir. Solutions Marketing

Illinois’ New Data Protection Law

August 24th, 2011

News today, courtesy of Brendon Tavelli at Proskauer’s Privacy Law blog via the always excellent Office of Inadequate Security, of a new data breach notification bill just signed by Governor Pat Quinn of Illinois. Interesting to me both personally (Go Illini!!) and professionally, this bill (HB 3025) amends Illinois Public Act 097-0483 (the Personal Information Protection […]



By: - Forensics and Security Expert

@phenrycissp

Key Steps to Navigate Around New Facebook Privacy Settings

January 4th, 2010

What’s all the fuss about the latest changes on Facebook? Simply put, the changes mean that nearly everything that you place on your Facebook page can now potentially be made available to anyone surfing the Internet. The latest Facebook changes are purported to be an enhancement to make the social networking site easier for people who are looking […]



By: - Dir. Solutions Marketing

Don’t Procrastinate on Red Flags Rule Compliance Despite Latest Delay

November 18th, 2009

So, the Federal Trade Commission (FTC) has, for the fourth time (!) delayed enforcement of the so-called “Red Flags” rules, according to a statement posted on the agency’s website. Compliance enforcement is now scheduled for June 1, 2010 –- in case you’re keeping score at home, the previous dates were 01-Nov-08 (original), 01-May-09 (first delay), […]



By: - Forensics and Security Expert

@phenrycissp

Sesame Street Simple Facebook Guide to Surviving Malicious Attacks

October 30th, 2009

It certainly seems that not a week goes by without hearing about yet another attack on Facebook users. Last week it was a phishing scam driven by a botnet, and this week, we have two new and different phishing scams — one cleverly tricking users into revealing their passwords and another installing malware that quietly […]



By: - Dir. Solutions Marketing

Where the Money Is

June 8th, 2009

Willie Sutton is reputed to have said (although he didn’t, actually), when asked why he robbed banks, “Because that’s where the money is.” So, we’re not really surprised to learn that a new scam is on to liberate the contents of ATMs, and by more sophisticated means than the skimmers I’ve written about previously. Nope, […]



By: - Dir. Solutions Marketing

Beware of ATM Card Skimmers

May 5th, 2009

I ran across an interesting post in the Consumerist about a guy who found a card skimmer attached to his local ATM. Apparently, he was alert enough to notice that something wasn’t quite right, and pulled it right off the machine … and discovered that it was designed to read the info off a card […]



By: - IT Security Expert

Healthcare 2.0? The Security Skinny on Obama’s Stimulus Package

March 31st, 2009

On Tuesday February 17th, President Obama signed the economic stimulus package that carves out $19B for modernizing health information systems.  The transition from paper to electronic or e-records in the healthcare industry has been happening for some time.  Although in small numbers, the process has been slow to ramp up based on technology considerations and […]


By: - IT Secured. Success Optimized.

@_lumension

Heartland Data Breach: A Wish List from a Customer Whose Loyalty may be Waning

March 6th, 2009

The reported number of institutions impacted by the Heartland Payment Systems data breach continues to increase – it has already affected over 600 financial institutions. While we’ve heard plenty about the number of those impacted and have looked at the malware used to conduct this breach  – what hasn’t been discussed is the impact from […]


By: - Dir. Solutions Marketing

Delayed, Again: Massachusetts Data Security Regulation

March 4th, 2009

Some time ago we wrote about the new Massachusetts Data Protection law, slated to come online in May this year (after being delayed from the start of 2009). As you may recall, this law  (201 CMR 17.00) is stricter than past laws, more specific than any state’s data security regulations to date, and more expensive […]


By: - Dir. Solutions Marketing

The People in the Equation: Avoiding Malicious Scam Sites

February 16th, 2009

Here’s another entry in one of my fundamental observations about computer security: in the end, it comes down to applying human intelligence. A friend who works in the banking industry pointed this lovely advert out to me … Needless to say, this made it onto the pages of failblog.com, entitled “Scam Fail” (see here). Bwa-ha-ha-ha-ha-haaaa. […]


By: - IT Security Expert

Transparency in a New Threat Environment

February 3rd, 2009

The last couple of weeks have been troubling, albeit not entirely surprising, to those of us in the security field who closely follow high-impact security breaches. On January 20 credit card processor Heartland Payment Systems announced a massive external breach of its systems that is shaping up to be one of the largest exposures of […]



IT Secured. Success Optimized.™

Contact Lumension | Privacy Policy

Connect & Follow Us

blog.lumension.com