data breach

Subscribe to data breach via RSS

Threatening dark clouds covering the skyIt all seemed so routine, so straightforward.  The case was settled, with a $500,000 payment to be made to the approved settlement administrator.  The law firm received an email from the administrator with wire transfer directions, and the settlement funds were sent per the instructions.  Just one problem – the email didn’t come from the administrator, the receiving bank was not the right bank, and the half million dollars evaporated.  Poof – gone in an instant.

Sure, it would’ve been prudent for the law firm to have picked up the phone and independently verified the email sender and instructions.  But how did the bad guys know precisely when and to whom to send the phony email, and exactly what to say?  Was it from publicly available information in the court file?  Was there a rogue insider at the firm, or at one of the other litigant’s firms, or at the court, or with the settlement administrator?  Or was someone’s email account illicitly monitored after being compromised by malware or through phished access credentials?
Continue Reading Bad news on law firm data security

Security dial turned to highest settingHow time flies.  Seventeen years ago, I went to work for a small, visionary company based in Seattle—Computer Forensics, Inc.   Indeed, the founder was so early in the e-discovery and forensics industry that our URL was forensics.com.  Laptop drives typically had 8 GB of storage, and servers were more often than not simply a bigger box that sat in a closet.

Lots has changed since then.  New technologies, expanded data sources and media types, and more raw data have flooded consumer and business marketplaces alike.  We’ve all seen the scary statistics on increasing information volumes and the security risks that follow.  Unfortunately, our controls for the creation, management, retention, and disposition of those data have not kept pace.  Yet how we manage our data on a day-to-day basis goes also to the heart of how we protect our data and ensure that our information assets are secure from theft or compromise.

During my years at CFI and since, I’ve found myself pondering “what if?” questions.  What if we only had to protect 20% of our information?  What if clients could take dollars earmarked for e-discovery and increased storage and spend them instead on better systems and operational improvements?  What if a client faced with the reality of a data breach didn’t have to wonder how many unnecessary skeletons were now visible?  The promise of information governance is that we can answer these questions affirmatively.  This is good news, and more importantly, news you can use.
Continue Reading Information governance – the foundation for information security

Fried egg on the sidewalk
“This is your information, ungoverned.”

2017 was rife with data dangers.  Nary a day passed without headlines of massive data breaches and ransomware attacks; Russian election-meddling through WikiLeaks and social media; fake news; and presidential tweet-storms.  Disruptive information-driven technologies continued to emerge, from block-chain to biometrics, IoT, AI, and robotics.  Meanwhile, the sheer volume of our personal and business data inexorably grew.

What better way to start 2018 than with a renewed commitment to Information Governance?  So, here are a dozen reasons why your organization should govern its information, in 2018 and beyond: 
Continue Reading 12 reasons to govern your information in 2018

The aftermath of the Equifax breach continues.  First, the Ugly:

Music Major?  Really?

The hoi polloi apparently find it offensive that Equifax’s Chief Security Officer, fired in the breach’s wake, had a music degree. The implication is that someone formally trained long ago in music is clearly incompetent to have a career in IT or Infosec, much less to be a CSO. That must be a surprise to Jennifer Widom (data management researcher, computer science professor, and Dean of Stanford University’s School of Engineering), who somehow, despite her undergraduate music degree, managed to help lay the foundations for active database systems architecture, crucial for such uses as security monitoring.  Or to countless others who came to Infosec after formal education in other disciplines – check out #unqualifiedfortech on Twitter.

Yesterday’s thoughtful Washington Post piece was well-titled: Equifax’s security chief had some big problems. Being a music major wasn’t one of them. And if your ironic sensibility remains unsated, see the 10/20/2016 article Musicians May Be the Key to the Cybersecurity Talent Shortage.

Next, the Bad:
Continue Reading Equifax breach – the good, the bad, and the ugly

Worried couple checking credit account onlineThe grousing began within 24 hours of Equifax’s announcement, last Thursday, of its massive data breach that compromised personal data of over 140 million U.S. consumers.  I’m generally unsympathetic about such complaints (“We’re shocked – SHOCKED – that in a breach affecting 140+ million people, we’re having trouble immediately reaching a live person at the phone bank!  And the breach website is not operating smoothly!”). Usually only Louis CK’s masterpiece “Everything’s Amazing – and Nobody’s Happy” can coax me out of my grumpy place.

But as post-announcement events have unfolded, some of the initial criticism appears to have legs:
Continue Reading Equifax breach – hot mess, or simply the world we live in?

Dark Territory: The Secret History of Cyber WarIn the early 1990s, NSA Director Mike McConnell created a brand-new position at the National Security Agency: Director of Information Warfare.  McConnell appointed Rich Wilhelm, with whom McConnell had worked closely on U.S. counter-command & -control intelligence operations during the first Iraq war.  After just a few weeks settling into his new job, Wilhelm walked into Director McConnell’s office and said “Mike, we’re kind of f***ed here.”

The problem?  The U.S. could penetrate and disrupt foreign adversaries’ increasingly computerized military, government, and civic infrastructures, and it was already clear that future conflicts would turn upon what would only later be dubbed cyber warfare.  But whatever we could do to our adversaries, they could do to us.  Making matters worse, the U.S. military, civilian governmental agencies, and private businesses were rapidly connecting everything in computer networks, with no meaningful attention paid to network security.  We’d be throwing rocks from the largest glass house on the planet.

In Dark Territory: The Secret History of Cyber War, Pulitzer Prize-winning journalist Fred Kaplan adroitly distills over one hundred key player interviews –  from U.S. cabinet secretaries, generals, admirals, and NSA directors, to analysts, aides, and officers in the trenches – into a riveting narrative that tracks the debut, developments, and dilemmas of cyber warfare.

Kaplan’s book is a cyber roller coaster ride spanning three decades.  Here are some notable highs and lows:
Continue Reading The TAO of Cyber Warfare: Dark Territory

White WalkerA swarm of zombies, led by Byte Walkers, surges inexorably onward to penetrate a massive perimeter wall by force and stealth.  Sounds like Game of Thrones, right?  Instead, this is our cyberthreat reality. And in an ironic twist that would make George R. R. Martin blush under his beard, it’s now painfully real for HBO, which recently acknowledged suffering a massive cyber intrusion through which hackers claim to have stolen up to 1.5 terabytes of proprietary data, including Game of Thrones future epsodes.

First Sony, then Netflix, and now HBO – what’s a Westerosi to make of this?
Continue Reading Game of Hacks

Business woman screaming at laptopMany years ago, before common sense kicked in, I thought it would be a good idea to rent a storage space for all the extra furniture and other stuff I could not fit in my new house.  Knowing it would only be temporary, I stashed everything from upholstered and leather furniture, to boxes of books.  Fast forward twelve months.  The rental agreement was expiring, and I realized that I would never need nor have room for all that I’d stored, so I decided to have a sale to dispose of it.  When I went to the storage space I was horrified to see that everything was covered in a thin film of mold.  (This was years before climate-controlled storage was widely available.)  I had no choice but to trash it all, which both cost me money and prevented me from converting my goods to profit.

I was reminded of this long-ago event when I heard about the latest ransomware attack.  We’ve been reminded countless times of the importance of backup, and ransomware is only the most recent reason.  If you have ever had a hard drive fail, you know the pain that comes with irretrievable data.

So what happens when your backup media fails.? Or your archival media?  Don’t CDs last forever?
Continue Reading Backup failure in the age of ransomware

Lawyer holding a target on his faceWhile preparing for an upcoming presentation for in-house lawyers on data security, I dusted off the events of three months ago, when Yahoo! Inc. unceremoniously fired its general counsel on March 1st, the very same day it filed its 10-K for fiscal year 2016.  Yahoo’s 10-K disclosed the contemporaneous dismissal as a “Management Change” resulting from its Board of Directors’ Independent Committee investigation into Yahoo’s immense 2013-2014 data breaches, which were not disclosed until 2016. Unlike prior mega-breaches, in which the head of IT or the CEO was let go (Target, Sony), Yahoo singled out its lead in-house lawyer for firing … without separation compensation of any kind.

Henceforth, whether fairly or not, March 1 will be known as In-house Counsel Data Security Awareness Day – because it’s now clearer than ever before that in-house lawyers must take a hands-on approach to breach response, breach response readiness, and data security generally.Continue Reading In-house Counsel in the Cybersecurity Crosshairs