Within 24 hours of the Heartbleed bug’s disclosure last week, an attacker used it to break into a major corporation, security experts said. Using Heartbleed, the name for a flaw in security that is used in a wide range of web servers and Internet-connected devices, the attacker was able to break into an employee’s encrypted virtual private network, or so-called VPN, session.
Increasingly companies are trying to hedge costs associated with attacks on their networks by purchasing cyber insurance. Not only are more start-ups and established insurance providers getting into the cyber insurance business, but more companies including mom and pops are paying for insurance against cybercriminals.
Several major record companies filed a lawsuit in New York State Supreme Court in Manhattan, accusing Pandora of violating the state’s common-law copyright protections by using recordings of older songs without permission. Along with a string of cases filed last year against Sirius XM Radio, the suit highlights an obscure legal issue that has come to the fore with the rise of streaming music online: that recordings made before Feb. 15, 1972, are not subject to federal copyright protection and may be missing out on tens of millions of dollars in royalties, according to industry estimates.
Michaels Stores Inc, the biggest U.S. arts and crafts retailer, confirmed that there was a security breach at certain systems that process payment cards at its U.S. stores and that of its unit, Aaron Brothers. The company said in January that it was working with federal law enforcement officials to investigate a possible data breach.
The U.S. Securities and Exchange Commission has failed to protect its data network against possible breaches, to encrypt highly sensitive information, or to use strong enough passwords, the Government Accountability Office said. In addition to the cybersecurity failings, even the physical security in place to protect SEC data and equipment from being accessed or stolen is lax, a 25-page GAO report said, with workstations located in an area open to all agency staff.