BreachExchange mailing list archives
Re: Knock, knock. Who's there? No one.
From: "Al Mac Wow" <macwheel99 () wowway com>
Date: Mon, 25 Feb 2013 15:39:44 -0600
In situations like this, where a reasonable effort has been made to inform some organization that they have a live breach, and there is uncertainty whether the info is getting thru to the responsible parties, what is the next civilized step? Send a communication to senior law enforcement or attorney general for the state, about the nature of the breach, the institution involved, the fact that there has been an unsuccessful effort to bring it to the attention of the appropriate authorities there, introductory info about the organization which discovered the problem. Cite whatever state breach laws, and federal regulations appear to be violated, if the breached institution cannot fix this. If this is one of the states where such breaches are not yet of interest to state authorities, then send the communication to relevant federal authorities. Send a copy of your communication to the CEO of the breached institution, via snail mail to the address of the breached institution. If you can find what lawyer firm they use, also send copy to them, pointing out that when this kind of thing has happened at other institutions, and not rapidly fixed, it has often led to multi-million $ law suit settlements. The person without the e-mail link could be prison labor, or on a computer system not connected to the Internet (many do exist). Al Mac (WOW) = Alister William Macintyre day job = www.kewire.com Lawrenceville Il (near Vincennes In) via VPN/400 (our division dates back to 1955) 2013 Feb I become temporarily famous: http://cryptome.org/2013/02/drone-nations.htm -----Original Message----- From: dataloss-discuss-bounces () datalossdb org [mailto:dataloss-discuss-bounces () datalossdb org] On Behalf Of Jake Kouns Sent: Saturday, February 23, 2013 11:53 AM To: dataloss () datalossdb org; dataloss-discuss () datalossdb org Subject: [Dataloss-discuss] Knock, knock. Who's there? No one. http://datalossdb.org/incident_highlights/57-knock-knock-who-s-there-no-one <snip>
<<attachment: winmail.dat>>
_______________________________________________ Dataloss-discuss Mailing List (dataloss-discuss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Knock, knock. Who's there? No one. Jake Kouns (Feb 25)
- Re: Knock, knock. Who's there? No one. Al Mac Wow (Feb 25)
- <Possible follow-ups>
- Re: Knock, knock. Who's there? No one. Dissent (Feb 26)
- Re: Knock, knock. Who's there? No one. Al Mac Wow (Feb 27)