Data security breaches have been in and out of the headlines recently, and the Citigroup breach has once again brought the topic to the forefront. This week, Citi announced that more customers than originally announced had information stolen by hackers. All told, Citi reports that approximately 360,000 customer accounts were compromised. Even more troubling, Citigroup does not even know how the computer breach occurred, only that it affected hundreds of thousands of its credit card customers by revealing names, account numbers, and contact information.
Although Citigroup may not know the cause of the breach, the manner of discovery of the breach provides an important lesson. Citigroup apparently discovered unauthorized access through routine monitoring of the system. This story is a good reminder about the importance of monitoring and maintenance. No one could possibly hope to predict every potential information security threat, whether from outside hackers or from employees or other authorized users within the network. However, in many cases, the information about what’s going on in the system can be just as valuable.
Technology in the Workplace
- Where Does Social Media Happen? (Lawffice Space)
- Financial Advisors Venture Into Social Media – Sort Of (Smooth Transitions)
- Does an employer’s computer policy trump the marital privilege? (Employer Handbook)
- Facebook’s Tag Suggestions Raise HR Issues (ERE)
Technology and the Law More Generally
- Conn. AG Raises Concerns Over Facebook’s Face Recognition (ABA Journal)
- Senators Franken and Blumenthal Co-Sponsor Location Privacy Protection Act (Privacy & Information Security Law Blog)
- Judges Come Down Hard on Wired Jurors (Wall Street Journal Law Blog)
- Using Technology to Express Care, Support, and Sympathy (Digital Passing)
- Violent posts on social media profile determined to be threats (Internet Cases)
- Privacy Group Files FTC Complaint Regarding Facebook’s Facial Recognition Technology (Privacy & Information Security Law Blog)
- ‘Twittersquatter’ Sued By Company Targeted in Sarcastic Tweets (ABA Journal)
- 3rd Circuit Rules for Students Who Skewered Principals with Fake MySpace Profiles (ABA Journal, Wall Street Journal Law Blog)
Technology in the News
- Deploying New Tools to Stop the Hackers (NY Times)
- Citigroup Data Breach Worse Than Initially Reported; CIA Website Also Hacked (Risk Management Monitor)
- Connecting With Client Through the Power of Tech (NY Times)
- Same Gaffes, But Now on Twitter (NY Times)
- U.S. Underwrites Internet Detour Around Censors (NY Times)
- I.M.F. Reports Cyberattack Led to ‘Very Major Breach’ (NY Times)
- Negative Online Information Can Be Challenged, at a Price (NY Times)