|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dataloss] complete/official list of security breach disclosures
From: Adam Shostack (emergentchaos
gmail.com)
Date: Wed Feb 01 2006 - 19:13:00 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The only state requiring a notice (to the attorney general's office) is
New York, as of Jan 1, 2006
The best sources are the privacy rights clearinghouse page, and the
pages linked from there (including our page at
http:/www.emergentchaos.com/archives/cat_breaches.html) . There are
some people talking about building a database of things, but its all
volunteer effort.
Adam
On Feb 1, 2006, at 8:02 PM, Bill Yurcik wrote:
>
> It was a great idea to start this list!
>
> Maybe someone can help me.
> I have been looking for a complete list of security breach disclosures.
> While its nice to have different lists of high profile disclosures
> what would be interesting would be find out how many total disclosures
> and the distributions of size and type. The SB-1386 law in California
> requires companies to contact customers affected by breaches. I checked
> with the California Attorney General's Office and there are no
> government
> records being kept there since companies are not required to contact
> any
> government entity. The papers report the high profile breaches --
> basing
> any analysis on the media coverage would be skewed.
>
> Are there any states require public reporting of breaches?
>
> Since other states are modeling security breach laws after
> California's SB 1386 it would be great if somehow there could be a
> public
> reporting element added to these laws so data on all breaches can be
> collected and analyzed for fixing the right problems.
>
> Cheers! - Bill Yurcik/NCSA University of Illinois
> <byurcikncsa.uiuc.edu>
>
>
> _______________________________________________
> Dataloss mailing list
> Datalossattrition.org
> https://attrition.org/mailman/listinfo/dataloss
>
>
--
Emergent Chaos! My thoughts on security, privacy, economics, and the
occasional giant pink bunny. http://www.emergentchaos.com
_______________________________________________
Dataloss mailing list
Datalossattrition.org
https://attrition.org/mailman/listinfo/dataloss
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]