After Yahoo! breach, can users do anything to protect their online data?

In light of news reports that company executives did little to strengthen cyber-defenses, the group that seems most overlooked in the aftermath of the breach is Yahoo! customers.

FDIC data breaches indicate systemic failures in security management and monitoring

More troubling than the poor incident response (including reporting) at FDIC is the apparently complete inability of the agency to prevent large-scale data exfiltration.

Epic Mossack Fonseca breach tied to basic patch management failures

Mossack Fonseca failed to understand even basic information security and privacy principles and lacked the IT management skills or oversight necessary to ensure that they were adequately protecting their own and their clients’ information.

OPM (finally) notifies people affected by breach

My notification letter arrived on November 23, 137 days after the public announcement and approximately 200 days after OPM says it discovered the incident.

T-Mobile customers suffer breach because company relied on Experian

The breach highlights the general insufficiency of any corporate security program that fails to carefully consider the risk exposure represented by trusted third parties given access to or custody of sensitive information.

No upside to OPM data breaches

Subsequent disclosures and updates about the OPM incident paint a troubling picture of the poor security practices that facilitated the attack and delayed its discovery.

Anthem breach enabled by compromising administrator credentials

As an internal investigation continues into the massive data breach reported last week by Anthem, the company has confirmed reports that administrators who discovered the breach in late January noticed unusual activity on Anthem’s database systems…