Well,
In the past two days, I’ve seen breach notifications. In an article I found on twitter, over 800 South Carolina employees that work the state in some capacity or another got breached and someone is getting diciplined. 824 current and former Charleston County employees impacted in HR data breach is the article, and the good news out of this will be that the number is small compared to some of the other big time breaches.
The next one comes from Krebs on Security where we get an update to a breach from First American. SEC Investigating Data Leak at First American Financial Corp. is the name of the article and let it be known that this is huge.
Word of the SEC investigation comes weeks after regulators in New York said they were investigating the company
in what could turn out to be the first test of the state’s strict new cybersecurity regulation, which requires financial companies to periodically audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. First American also is now the target of a class action lawsuit
that alleges it “failed to implement even rudimentary security measures.
I know one thing, I store backups of my stuff in dropbox, unlinked, safely in my hands, and protected by two factor. While no service is 100 percent fullproof, we must start somewhere. Having databases open like the capitalone breach, insiders like the capitalone breach, firewall issues like the capitalone breach, and the like won’t cut it anymore. Maybe not all these factors were related to Capital One, but all of them are the same in every breach. This can’t be good. It can only get worse, correct?
Thoughts? Feel free to sound off.