2011 and Retail - Information Management Today

Who Stole 3.6M Tax Records from South Carolina?

Krebs on Security

APRIL 16, 2024

The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed. Nikki Haley to head the state’s law enforcement division.

Sales

Sales Retail Insurance Access

GUEST ESSAY: Here’s why penetration testing has become a ‘must-have’ security practice

The Last Watchdog

FEBRUARY 24, 2022

Yes, and that is what Sony exactly lost when they were hacked and the personal info of every one of its customers leaked in 2011. Healthcare companies must follow HIPAA rules; retailers must comply with PCI DSS. Huge sum, right? Related: Supply-chain hacks prove worrisome. Are the credentials updated? Compliance, governance.

Security

Security Compliance Retail IoT

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

That document indicates the Liberty Reserve account claimed by MrMurza/AccessApproved — U1018928 — was assigned in 2011 to a “ Vadim Panov ” who used the email address lesstroy@mgn.ru. PANOV Constella Intelligence , a threat intelligence firm that tracks breached databases, says lesstroy@mgn.ru

Passwords

Passwords IoT Sales Retail

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

The Security Ledger

SEPTEMBER 14, 2022

It’s how Amazon dethroned retail giants like Sears and Toys R Us, and Netflix transformed movie-watching. Writing in 2011 i n the Wall Street Journal , Andreessen predicted that, in the next 10 years, he expected many more industries to be disrupted by software. .

Cloud

Cloud Passwords Retail Business Services

California District Court Certifies Class in ZIP Code Collection Suit

Hunton Privacy

MAY 21, 2012

The Court found that the Song-Beverly Act does not include an exception that would allow a retailer to ask for personal identification information as a condition of a credit card transaction from customers who previously (or subsequently) provided any personal information to the retailer.

Retail

Retail Privacy Security IT

Crooks use carding bots to check stolen card data ahead of the holiday season

Security Affairs

NOVEMBER 17, 2019

Cybercriminals are automating this process using carding bots that are able to make small purchases on smaller retailers’ websites. Researchers were able to detect the first Canary bot attack after noticing a Safari browser version from 2011 changing IP addresses on a daily basis and that originate from cloud and colocation services. .

Retail

Retail Cloud Access IT

New Jersey Courts Issue Conflicting Rulings in ZIP Code Collection Cases

Hunton Privacy

OCTOBER 18, 2011

The conflicting orders leave unanswered the question of whether New Jersey retailers are prohibited from requiring and recording customers’ ZIP codes at the point of sale during credit card transactions. On September 16, 2011, a judge for the Superior Court of New Jersey issued a bench ruling in Imbert v. Harmon Stores, Inc.,

Retail

Retail Sales Marketing Privacy

FRANCE: New cooperation agreement between the CNIL and DGCCRF

DLA Piper Privacy Matters

FEBRUARY 1, 2019

On 31 January 2019, the French Data Protection Supervisory Authority (CNIL) and the French General Directorate for Competition Policy, Consumer Affairs and Fraud Control (DGCCRF, authority in charge of consumer protection) signed a new protocol of cooperation to improve protection of personal data of consumers.

GDPR

GDPR Personal data B2C Retail

Email Marketing Service Provider’s Data Breach Likely to Affect Millions

Hunton Privacy

APRIL 4, 2011

On April 1, 2011, Epsilon Data Management, LLC (“Epsilon”), a leading marketing services provider based in Irving, Texas, issued a press release announcing that its clients’ customer data had been “exposed by an unauthorized entry into Epsilon’s email system” that took place on March 30, 2011.

Marketing

Marketing Data breaches Retail Phishing

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

When Snyder took office at the start of 2011, Google had just disclosed details about Operation Aurora – China’s systematic breach of dozens of marquee corporations; details were trickling out about a worm, called Stuxnet , that had corrupted the controls of Iranian nuclear plants; and the massive Target retail chain breach, which was to pivot off (..)

Cybersecurity

Cybersecurity Military Education Government

Lush Avoids ICO Fine After Website Data Breach

Hunton Privacy

AUGUST 18, 2011

After customers reported 95 complaints claiming that they had been the victim of credit card fraud, Lush discovered that its website had been repeatedly hacked into over a four month period between October 2010 and January 2011.

Data breaches

Data breaches Retail Personal data Security

California Supreme Court Finds that ZIP Codes Are Personal Identification Information Under Song-Beverly Act

Hunton Privacy

FEBRUARY 14, 2011

On February 10, 2011, the California Supreme Court ruled in Pineda v. When the plaintiff made a purchase by credit card at the defendant retailer, a cashier requested her ZIP code and she provided it, believing that it was necessary to complete the transaction. Williams-Sonoma Stores, Inc.

Retail

Retail Marketing Sales IT

Criminal Background Checks: Reviewing the Year in FCRA Class Action Settlements

Hunton Privacy

JANUARY 14, 2014

plaintiff’s October 2011 class action complaint alleged that K-Mart willfully violated the FCRA prior to obtaining consumer reports and prior to taking adverse actions against the class. K-Mart Corp., 11-cv-00697 (E.D. In January 2013, parties reached a $3 million settlement , which received final approval from the court on May 24, 2013.

Retail

Retail Risk IT Privacy

Cybersecurity Identified as an SEC OCIE Examination Priority for 2018

Data Matters

FEBRUARY 19, 2018

Further, although the last formal guidance on disclosure obligations relating to cybersecurity risks and incidents dates back to 2011, there appears to be increasing scrutiny over public disclosures around cybersecurity risk in recent years as well. According to OCIE, each of its examination programs will prioritize cybersecurity.

Cybersecurity

Cybersecurity Risk Compliance Marketing

Top 9 Network Access Control (NAC) Solutions

eSecurity Planet

MARCH 14, 2021

CounterACT plays well in regulated environments such as defense, finance, healthcare and retail. Aruba ClearPass may also be known as Avenda eTIPS after HPE acquired Avenda and its NAC solution in 2011. It is already proven to be effective as a long-term solution for Global 1000 firms, such as BASF, Siemens, and Deutsche Bahn.

Access

Access Compliance Authentication Education

FTC Issues Landmark Privacy Report

Hunton Privacy

DECEMBER 1, 2010

In the offline context, this could include, for example, having a cashier in a retail store “ask the customer whether he would like to receive marketing offers from other companies.”. The FTC report is expected to be followed by a separate privacy report from the Department of Commerce.

Privacy

Privacy Retail Data Privacy Education

Aussie Telcos are Failing at Some Fundamental Security Basics

Troy Hunt

MARCH 27, 2018

This screen faces out into the retail store with people constantly wandering past it only a couple of meters away, well within the distance required to observe the contents off it. This is the user-selected password used for identity verification with store customers wandering past it.

Security

Security Passwords Authentication Mining

States Attempt to Address Privacy Risks Associated with Digital Copiers and Electronic Waste

Hunton Privacy

APRIL 1, 2011

Retailers of covered electronic equipment will be required to provide consumers with information at the point of sale about opportunities offered by manufacturers for the return of electronic waste, to the extent they have been provided such information by the manufacturer.

Privacy

Privacy Risk Manufacturing Retail

Ireland: New DPC Guidance Sets Regulatory Expectations around Use of Website Cookies

DLA Piper Privacy Matters

APRIL 9, 2020

In its report, the DPC noted that the ad-tech industry is subject to separate inquiries – this report is more broadly focussed on organisations across a range of sectors, including retail, entertainment, insurance, banking, public sector, media and publishing.

GDPR

GDPR Analytics Personal data Compliance

The 2011 Web 2 Summit Program Is Live; My Highlights

John Battelle's Searchblog

SEPTEMBER 7, 2011

From policy to tech, art to retail, we've got one of the most varied lineups ever. And this year's program hews more tightly to our theme than any before it. Just about every speaker will be presenting on some aspect of how data changes the game in our industry. You can see it here , but remember, these are extremely volatile times.

Marketing

Marketing Retail Privacy IT

EUROPE: Article 29 Working Party publish draft Guidelines on Consent

DLA Piper Privacy Matters

DECEMBER 13, 2017

The guidelines expand on the WP29’s ‘ Opinion on the definition of consent’ (July 2011), addressing the concept of consent in the context of the enhanced regulatory regime under the GDPR. On 12 December 2017, the Article 29 Working Party (WP29) published draft Guidelines on Consent under the General Data Protection Regulation (GDPR).

GDPR

GDPR Personal data Retail Data collection

Predictions ’23: Advertising – Netflix, Apple, Amazon, Twitter

John Battelle's Searchblog

DECEMBER 29, 2022

Predictions 2011. 2011: How I Did. That’s pretty much the entire bottom of the funnel, and over the past five years, Amazon has quietly built a $30+billion advertising business on top of it. Predictions 2016. 2016: How I Did. Predictions 2015. 2015: How I Did. Predictions 2014. 2014: How I Did. Predictions 2013. 2013: How I Did.

Marketing

Marketing Retail Sales IT

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

When I was working for a retail company I thought it was fantastic. In 2011, researcher Ang Cui showed how updates to common laser printers were not signed or otherwise authenticated, meaning that you might think you’re doing the right thing by applying an update when in reality you might be unintentionally installing malware.

IT

IT Manufacturing Government Paper

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

When I was working for a retail company I thought it was fantastic. In 2011, researcher Ang Cui showed how updates to common laser printers were not signed or otherwise authenticated, meaning that you might think you’re doing the right thing by applying an update when in reality you might be unintentionally installing malware.

IT

IT Manufacturing Government Paper

Ten Years Later, New Clues in the Target Breach

Krebs on Security

DECEMBER 14, 2023

retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. Much of my reporting on Vrublevsky’s cybercrime empire came from several years worth of internal ChronoPay emails and documents that were leaked online in 2010 and 2011.

Computer and Electronics

Computer and Electronics Marketing Sales Healthcare

Reltio: From Origin Story to Future State

Reltio

DECEMBER 21, 2021

With a passion for innovation and a strong belief in the concept, he invested his personal savings and incorporated Reltio in 2011. Reltio then expanded to other verticals with similar patterns and needs, such as healthcare, financial services, retail, high tech, travel, and hospitality, among others. Reltio’s Future Plans.

Digital transformation

Digital transformation Healthcare Cloud Financial Services

Meet the World’s Biggest ‘Bulletproof’ Hoster

Krebs on Security

JULY 16, 2019

Those include a large number of cybercrime forums and stolen credit card shops, ransomware download sites, Magecart-related infrastructure , and a metric boatload of phishing Web sites mimicking dozens of retailers, banks and various government Web site portals. The one or two domain names registered to Aleksandr Volosovyk and that mail.ru

Phishing

Phishing Paper Ransomware Government

List of Data Breaches and Cyber Attacks in 2023

IT Governance

JUNE 1, 2023

We have confirmed that the list was created several years ago and appears to include all customer accounts created between 2011 and 2019. According to disclosure reports, the compromised information includes email addressed, hashed passwords, first and last names, and full names. “We

Data breaches

Data breaches Insurance Personal data Ransomware

List of data breaches and cyber attacks in December 2019 – 627 million records breached

IT Governance

JANUARY 3, 2020

Singapore-based retailer Love, Bonito apologises to customers after malware infection (unknown). The NHS lost hundreds of thousands of letters between 2011 and 2016. Streaming pirate Helix Hosting taken offline by vengeful cyber criminals who threaten to leak users’ info (unknown). In other news….

Data breaches

Data breaches Ransomware Phishing Government

Terms and Conditions: Recent Supreme Court Decisions Highlight There is More to Consider than Just the Privacy Policy

Data Matters

MAY 13, 2019

Online retailers must ensure that the necessary elements for a contract are satisfied. 333 (2011), there was some residual confusion over agreement that were unclear about whether parties intended to foreclose class proceedings. Binding the Consumer. Concepcion, 563 U.S. The recent Supreme Court case Lamps Plus, Inc.

Privacy

Privacy Risk Sales Access

Regulatory Update: NAIC Fall 2019 National Meeting

Data Matters

DECEMBER 20, 2019

The draft revisions include a requirement for producers to act in the “best interest” of a retail customer when making a recommendation of an annuity. regulatory standards do not meet the standards under the Insurance Core Principles, which the IAIS adopted in October 2011 and on which ComFrame was built.

Insurance

Insurance Risk Artificial Intelligence Privacy

Regulatory Update: NAIC Fall 2019 National Meeting

Data Matters

DECEMBER 20, 2019

The draft revisions include a requirement for producers to act in the “best interest” of a retail customer when making a recommendation of an annuity. regulatory standards do not meet the standards under the Insurance Core Principles, which the IAIS adopted in October 2011 and on which ComFrame was built.

Insurance

Insurance Risk Artificial Intelligence Privacy

Russian Govt. Continues Carding Shop Crackdown

Krebs on Security

FEBRUARY 9, 2022

Debuting in 2011, Ferum Shop is one of the oldest observed dark web marketplaces selling “card not present” data (customer payment records stolen from hacked online merchants), according to Gemini. . “Unless those shops were somehow selling data on Russian cardholders, which they weren’t.”

Sales

Sales Marketing Retail Ransomware

Predictions 2024: It’s All About The Data

John Battelle's Searchblog

DECEMBER 27, 2023

Why can’t the data from retail media networks inform supply chains, for example? That’s because money follows utility, and over the past two decades we’ve built a massive ecosystem of data-driven marketing platforms (Google and Meta, of course, but also Amazon, Salesforce, Adobe, Oracle, LiveRamp, etc).

Marketing

Marketing Energy and Utilities Big data B2B

Information Management Today

Who Stole 3.6M Tax Records from South Carolina?

GUEST ESSAY: Here’s why penetration testing has become a ‘must-have’ security practice

Webinars

Trending Sources

Giving a Face to the Malware Proxy Service ‘Faceless’

Webinars

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

California District Court Certifies Class in ZIP Code Collection Suit

Crooks use carding bots to check stolen card data ahead of the holiday season

New Jersey Courts Issue Conflicting Rulings in ZIP Code Collection Cases

FRANCE: New cooperation agreement between the CNIL and DGCCRF

Email Marketing Service Provider’s Data Breach Likely to Affect Millions

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

Lush Avoids ICO Fine After Website Data Breach

California Supreme Court Finds that ZIP Codes Are Personal Identification Information Under Song-Beverly Act

Criminal Background Checks: Reviewing the Year in FCRA Class Action Settlements

Cybersecurity Identified as an SEC OCIE Examination Priority for 2018

Top 9 Network Access Control (NAC) Solutions

FTC Issues Landmark Privacy Report

Aussie Telcos are Failing at Some Fundamental Security Basics

States Attempt to Address Privacy Risks Associated with Digital Copiers and Electronic Waste

Ireland: New DPC Guidance Sets Regulatory Expectations around Use of Website Cookies

The 2011 Web 2 Summit Program Is Live; My Highlights

EUROPE: Article 29 Working Party publish draft Guidelines on Consent

Predictions ’23: Advertising – Netflix, Apple, Amazon, Twitter

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

Ten Years Later, New Clues in the Target Breach

Reltio: From Origin Story to Future State

Meet the World’s Biggest ‘Bulletproof’ Hoster

List of Data Breaches and Cyber Attacks in 2023

List of data breaches and cyber attacks in December 2019 – 627 million records breached

Terms and Conditions: Recent Supreme Court Decisions Highlight There is More to Consider than Just the Privacy Policy

Regulatory Update: NAIC Fall 2019 National Meeting

Regulatory Update: NAIC Fall 2019 National Meeting

Russian Govt. Continues Carding Shop Crackdown

Predictions 2024: It’s All About The Data

Stay Connected