ZIP Codes Are … PII?!

By: Chris Merritt - Dir. Solutions Marketing

ZIP Codes Are … PII?!

April 15th, 2013

Mr. ZIP (or Zippy to his friends) was born back in July 1963 and the soon-to-be 50-year-old is finally getting some privacy … in Massachusetts at least. The Massachusetts Supreme Court recently determined that under Mass. Gen. Laws, ch. 93, § 105(a), “personal identification information” includes a consumer’s ZIP code and decided that collecting such [...]

Read the Post »

By: Chris Merritt - Dir. Solutions Marketing

Uncle Sam Has Yet Another Data Protection Bill

June 25th, 2012

The latest attempt at creating a US Federal data protection / data breach notification law was recently introduced in the Senate. The “Data Security and Breach Notification Act of 2012” (S.3333) was submitted by Sen. Pat Toomey (R-PA) with the support of Sens. Olympia Snowe (R-ME), Jim DeMint (R-SC), Roy Blunt (R-MO) and Dean Heller [...]

Read the Post »

By: Chris Merritt - Dir. Solutions Marketing

Change Your LinkedIn Password – Now!

June 6th, 2012

LinkedIn – the online professional networking site which I suspect many Optimal Security blog readers use – has apparently been hacked, resulting in something like 6.5M SHA-1 hashed passwords being posted in a Russian hacker site. This evolving situation will certainly be updated through-out the day (and beyond), so I don’t want to recap the [...]

Read the Post »

By: Chris Merritt - Dir. Solutions Marketing

Illinois’ New Data Protection Law

August 24th, 2011

News today, courtesy of Brendon Tavelli at Proskauer’s Privacy Law blog via the always excellent Office of Inadequate Security, of a new data breach notification bill just signed by Governor Pat Quinn of Illinois. Interesting to me both personally (Go Illini!!) and professionally, this bill (HB 3025) amends Illinois Public Act 097-0483 (the Personal Information Protection [...]

Read the Post »

By: Paul Henry - Forensics and Security Expert

@phenrycissp

Key Steps to Navigate Around New Facebook Privacy Settings

January 4th, 2010

What’s all the fuss about the latest changes on Facebook? Simply put, the changes mean that nearly everything that you place on your Facebook page can now potentially be made available to anyone surfing the Internet. The latest Facebook changes are purported to be an enhancement to make the social networking site easier for people who are looking [...]

Read the Post »

By: Chris Merritt - Dir. Solutions Marketing

Don’t Procrastinate on Red Flags Rule Compliance Despite Latest Delay

November 18th, 2009

So, the Federal Trade Commission (FTC) has, for the fourth time (!) delayed enforcement of the so-called “Red Flags” rules, according to a statement posted on the agency’s website. Compliance enforcement is now scheduled for June 1, 2010 –- in case you’re keeping score at home, the previous dates were 01-Nov-08 (original), 01-May-09 (first delay), [...]

Read the Post »

By: Paul Henry - Forensics and Security Expert

@phenrycissp

Sesame Street Simple Facebook Guide to Surviving Malicious Attacks

October 30th, 2009

It certainly seems that not a week goes by without hearing about yet another attack on Facebook users. Last week it was a phishing scam driven by a botnet, and this week, we have two new and different phishing scams — one cleverly tricking users into revealing their passwords and another installing malware that quietly [...]

Read the Post »

By: Chris Merritt - Dir. Solutions Marketing

Where the Money Is

June 8th, 2009

Willie Sutton is reputed to have said (although he didn’t, actually), when asked why he robbed banks, “Because that’s where the money is.” So, we’re not really surprised to learn that a new scam is on to liberate the contents of ATMs, and by more sophisticated means than the skimmers I’ve written about previously. Nope, [...]

Read the Post »

By: Chris Merritt - Dir. Solutions Marketing

Beware of ATM Card Skimmers

May 5th, 2009

I ran across an interesting post in the Consumerist about a guy who found a card skimmer attached to his local ATM. Apparently, he was alert enough to notice that something wasn’t quite right, and pulled it right off the machine … and discovered that it was designed to read the info off a card [...]

Read the Post »

By: Paul Zimski - IT Security Expert

Healthcare 2.0? The Security Skinny on Obama’s Stimulus Package

March 31st, 2009

On Tuesday February 17th, President Obama signed the economic stimulus package that carves out $19B for modernizing health information systems. The transition from paper to electronic or e-records in the healthcare industry has been happening for some time. Although in small numbers, the process has been slow to ramp up based on technology considerations and [...]