Breach Quickies
Well, now that America’s Finest News Source is getting into breach coverage, I guess I can move on. See “Hotels.com Information Stolen” in the Onion.
Also, Nick Owen has some good analysis of the Ohio State comedy of errors in “Repurcussions of data loss at Ohio University.” I’m hoping Chris will cover the N+1 Ohio State breaches, just as soon as they stop auto-incrementing.
Not to be picky, but folks here in Columbus might be quick to remind you that the breach was at Ohio University in Athens, not The Ohio State University in Columbus.
I’m a bit busy — travelling on business. I figure the fourth and fifth breaches at OU (did you think it was just three? That is so last week!) are due more to ISS looking at their servers with a microscope than to any actual additional nefarious activity. In other words, these are but the traces of the sins of long ago. I may be wrong, but unless new info has come to light today, the available facts are a little sparse to know for sure either way.
@Alex: I feel your pain. Right after breach 3, I was *this* close to emailing a friend who does infosec at THE Ohio State University and asking him what the heck was up. That could have been awkward :^).
Don’t miss this story about the student who warned O.U. about the system’s insecurity and was fired for it.