Jimmy John's announced in late September that customer payment card data may have been compromised in a security breach at over 200 of its stores between June and September. Illinois law requires companies to notify customers of credit and debit card breaches within a reasonable time. While Jimmy John's learned of the breach in late July, they did not publicly announce it until September. The Illinois Attorney General's office is investigating the breach at Jimmy John's to determine the source and appropriate response.
Group letter to FTC calling for workshop examining data breaches - March 2014nationalconsumersleague
A coalition of consumer and privacy organizations today called on the Federal Trade Commission (FTC) to convene a forum examining the ongoing impact of data insecurity on America’s consumers. In a letter to FTC Chairwoman Edith Ramirez, the groups cited the increased consumer awareness of the threat of data breaches and other cybersecurity risks in the wake of data thefts at Target, Michaels, Snapchat, and other businesses.
What SMEs can learn from the BA data breachVicky Bradford
When British Airways hit the headlines for all the wrong reasons this week, thanks to news of an impending £183 million fine for last year’s massive data breach, it showed in several ways why it’s more important than ever to take good care of your data.
A summarized version of the 60 page Rule broken down by Kirk J. Nahra, a partner with Wiley Rein & Fielding LLP in Washington, D.C. He specializes in privacy and information security litigation and counseling for companies facing compliance obligations in these areas. He is the Chair of the firm’s Privacy Practice. He serves on the Board of Directors of the International Association of Privacy Professionals, and edits IAPP’s monthly newsletter, Privacy Officers Advisor. He is a Certified Information Privacy Professional, and is the Chair of the ABA Health Law Section’s Interest Group on eHealth, Privacy & Security.
Group letter to FTC calling for workshop examining data breaches - March 2014nationalconsumersleague
A coalition of consumer and privacy organizations today called on the Federal Trade Commission (FTC) to convene a forum examining the ongoing impact of data insecurity on America’s consumers. In a letter to FTC Chairwoman Edith Ramirez, the groups cited the increased consumer awareness of the threat of data breaches and other cybersecurity risks in the wake of data thefts at Target, Michaels, Snapchat, and other businesses.
What SMEs can learn from the BA data breachVicky Bradford
When British Airways hit the headlines for all the wrong reasons this week, thanks to news of an impending £183 million fine for last year’s massive data breach, it showed in several ways why it’s more important than ever to take good care of your data.
A summarized version of the 60 page Rule broken down by Kirk J. Nahra, a partner with Wiley Rein & Fielding LLP in Washington, D.C. He specializes in privacy and information security litigation and counseling for companies facing compliance obligations in these areas. He is the Chair of the firm’s Privacy Practice. He serves on the Board of Directors of the International Association of Privacy Professionals, and edits IAPP’s monthly newsletter, Privacy Officers Advisor. He is a Certified Information Privacy Professional, and is the Chair of the ABA Health Law Section’s Interest Group on eHealth, Privacy & Security.
Responding to a Company-Wide PII Data BreachCBIZ, Inc.
Many small employers falsely believe they can elude the attention of a hacker, yet studies have shown the opposite is true; a growing number of companies with fewer than 100 employees are reporting data breaches every year.
Avoid Identity Theft Prevention and fraud with keepmyid.org. Comprehensive identity fraud protection is only Identity Theft Protection Service from former law enforcement.
Newsjacking - the practice of leveraging a breaking news situation to promote your brand - can pay big dividends for savvy PR pros. Here are 5 tips on executing a successful newsjack - using common PR tools. Includes real-life examples.
Fighting Digital Fraud in the Insurance IndustryThreatMetrix
The digital advances that customers have demanded to help them gain instant quotes and policy approvals have made it easier for cyber criminals to commit fraud. View the SlideShare to discover how to safely and instantly approve insurance quotes, how to stop false insurance claims, and how to stop Ghost Brokers.
TECH CYBER CRIME: Homegrown menace
Contents
1. Regional trouble
Listen
As Latin Americans take to online banking, Brazil is scoring records for the wrong reasons.
The number of internet users in Latin America has doubled in less than a decade, according to the World Bank. Close to 60% of Brazilians used the internet last year, up from less than 30% in 2006. But as more people log on, they open their personal information to new vulnerabilities.
Last year, cybercrime cost the world economy $445 billion, according to figures from PwC. "The more people recognize money is digital, the more criminality will migrate there," says Tom Kellerman, chief cybersecurity officer at Trend Micro, a software security company.
With 34% of Latin America's population, Brazil has also become LatAm's stomping ground for cybercriminals. The country ranks in the top three launching pads for cyberattacks and at least 75% of Brazilians say they have been victims of cybercrime, according to PwC.
Russia and China have long been home to the originators of cybercrime, but that is changing, says Kellerman. Increasingly, hackers are using home-grown programs. "The Brazilian underground used to be some of the biggest buyers of malware from Eastern Europe, but now they are producing their own," he says.
Financial institutions, energy companies and governments are the top targets for cybercrime in Latin America, says Kellerman, adding that the prevalence and severity of cyberattacks in the region "is dramatically getting worse".
Last year, RSA Research Group uncovered a new malware attacking Brazil's Boletos, a type of payment slip. RSA found that more than 30 Brazilian banks had been targeted. Cybercriminals obtained user login information and used their bank accounts to issue Boletos, which can be printed out or used online.
When a customer gives the slip to a merchant or other person, the bank transfers money from the customer's account. Cybercriminals intercepted the Boletos and redirected the payments to their own accounts. RSA estimated losses to be 8.57 billion reais ($2.2 billion at today's exchange rate).
For the first time, Hewlett Packard and the Ponemon Institute included Brazil in its annual Cost of Cyber Crime Study, published in October. The survey deals with expenses related to theft, lost business and business responses allocated to fight cybercrime. Cybercrime hit US businesses the hardest, costing companies with more than 1,000 employees $15 million each per year on average, the report found.
Brazil ranked fifth, with the 27 companies with over 1,000 employees surveyed reporting average losses of $3.85 million from cyberattacks.
Financial service providers had the most significant losses. The most costly crimes are denial of services attacks, which aim to render a company's service unusable to its clients.
Regional trouble
Although Brazilian financial institutions have taken the brunt of cyberattacks in Latin America, hackers are also hitting other Latin Ame.
ACI’s lauded Cyber & Data Risk Insurance conference is the highest-level event that provides maximum opportunities to learn from and network with underwriters, brokers, claims managers and industry leaders, and helps you keep pace with the ever-changing cyber insurance market. It’s also the only conference that brings you regulatory and enforcement priorities straight from the federal and state government themselves.
Identity theft remains a pernicious threat to consumers. While the federal government and private sector have done much to address this issue, it is important that legislators and regulators remain vigilant to protect consumers from this ever-evolving fraud.
Responding to a Company-Wide PII Data BreachCBIZ, Inc.
Many small employers falsely believe they can elude the attention of a hacker, yet studies have shown the opposite is true; a growing number of companies with fewer than 100 employees are reporting data breaches every year.
Avoid Identity Theft Prevention and fraud with keepmyid.org. Comprehensive identity fraud protection is only Identity Theft Protection Service from former law enforcement.
Newsjacking - the practice of leveraging a breaking news situation to promote your brand - can pay big dividends for savvy PR pros. Here are 5 tips on executing a successful newsjack - using common PR tools. Includes real-life examples.
Fighting Digital Fraud in the Insurance IndustryThreatMetrix
The digital advances that customers have demanded to help them gain instant quotes and policy approvals have made it easier for cyber criminals to commit fraud. View the SlideShare to discover how to safely and instantly approve insurance quotes, how to stop false insurance claims, and how to stop Ghost Brokers.
TECH CYBER CRIME: Homegrown menace
Contents
1. Regional trouble
Listen
As Latin Americans take to online banking, Brazil is scoring records for the wrong reasons.
The number of internet users in Latin America has doubled in less than a decade, according to the World Bank. Close to 60% of Brazilians used the internet last year, up from less than 30% in 2006. But as more people log on, they open their personal information to new vulnerabilities.
Last year, cybercrime cost the world economy $445 billion, according to figures from PwC. "The more people recognize money is digital, the more criminality will migrate there," says Tom Kellerman, chief cybersecurity officer at Trend Micro, a software security company.
With 34% of Latin America's population, Brazil has also become LatAm's stomping ground for cybercriminals. The country ranks in the top three launching pads for cyberattacks and at least 75% of Brazilians say they have been victims of cybercrime, according to PwC.
Russia and China have long been home to the originators of cybercrime, but that is changing, says Kellerman. Increasingly, hackers are using home-grown programs. "The Brazilian underground used to be some of the biggest buyers of malware from Eastern Europe, but now they are producing their own," he says.
Financial institutions, energy companies and governments are the top targets for cybercrime in Latin America, says Kellerman, adding that the prevalence and severity of cyberattacks in the region "is dramatically getting worse".
Last year, RSA Research Group uncovered a new malware attacking Brazil's Boletos, a type of payment slip. RSA found that more than 30 Brazilian banks had been targeted. Cybercriminals obtained user login information and used their bank accounts to issue Boletos, which can be printed out or used online.
When a customer gives the slip to a merchant or other person, the bank transfers money from the customer's account. Cybercriminals intercepted the Boletos and redirected the payments to their own accounts. RSA estimated losses to be 8.57 billion reais ($2.2 billion at today's exchange rate).
For the first time, Hewlett Packard and the Ponemon Institute included Brazil in its annual Cost of Cyber Crime Study, published in October. The survey deals with expenses related to theft, lost business and business responses allocated to fight cybercrime. Cybercrime hit US businesses the hardest, costing companies with more than 1,000 employees $15 million each per year on average, the report found.
Brazil ranked fifth, with the 27 companies with over 1,000 employees surveyed reporting average losses of $3.85 million from cyberattacks.
Financial service providers had the most significant losses. The most costly crimes are denial of services attacks, which aim to render a company's service unusable to its clients.
Regional trouble
Although Brazilian financial institutions have taken the brunt of cyberattacks in Latin America, hackers are also hitting other Latin Ame.
ACI’s lauded Cyber & Data Risk Insurance conference is the highest-level event that provides maximum opportunities to learn from and network with underwriters, brokers, claims managers and industry leaders, and helps you keep pace with the ever-changing cyber insurance market. It’s also the only conference that brings you regulatory and enforcement priorities straight from the federal and state government themselves.
Identity theft remains a pernicious threat to consumers. While the federal government and private sector have done much to address this issue, it is important that legislators and regulators remain vigilant to protect consumers from this ever-evolving fraud.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Neuro-symbolic is not enough, we need neuro-*semantic*
Jimmy johns infractions
1. Jimmy John’s security breach latest test of consumer notice - Gate House Page 1 of 2
>
By Tim Landis Print Page
Business Editor
September 28. 2014 10:00PM
Jimmy John’s security breach latest test of consumer notice
Companies must provide notification to customers of credit and debit card security breaches within a reasonable time
under Illinois law.
In the case of Jimmy John’s, the sandwich chain learned July 30 of a data breach at more than 200 stores, but it wasn’t
announced until Wednesday. Restaurants at 3128 S. Sixth St. and 2925 Iles Ave. in Springfield were among stores hit,
according to the company.
“There’s a reason,” Illinois Attorney General Lisa Madigan told The State Journal-Register. “We don’t want to
undermine any type of criminal investigation. We want to be able to determine the source of the breach.”
Madigan’s office is leading an investigation into the Jimmy John’s security breach.
The Jimmy John’s location at 3128 S.
The two-month period between discovery and public announcement at Jimmy John’s is not uncommon, said Madigan,
Sixth St. was one of 216 Jimmy John’s
who is seeking re-election in November.
restaurants affected by a possible data
“Under Illinois law, they are required to provide notice within the most expedient time possible and without
breach. Jason Piscia/SJ-R
unreasonable delay,” she said.
Madigan said companies could face penalties if unnecessary delays were found or if insufficient steps were taken to protect consumer data. The Federal Trade
Commission also announced earlier this year it would seek more authority to enforce security improvements, including consumer-notification requirements.
Jimmy John’s, based in Champaign, said in an announcement that steps were taken to protect customers. Debit and credit card purchases made between June
16 and Sept. 5 were affected.
A message left with Jimmy John’s representatives was not returned Friday, but the company posted a statement on its website, jimmyjohns.com, that said the
breach was contained and customers could safely use debit and credit cards for purchases.
The company said login credentials for its point-of-sale system were stolen from a third-party vendor. Jimmy John’s has hired independent experts to
investigate the break-in, according to the statement.
“Jimmy John’s has taken steps to prevent this type of event from occurring in the future,” the statement said, “including installing encrypted swipe machines,
implementing system enhancements, and reviewing its policy and procedures for third-party information.”
Schnuck Markets Inc. in August reached a tentative settlement of a lawsuit resulting from a security breach at nearly 80 supermarkets in Missouri, Illinois,
Iowa and Indiana, including two stores in Springfield.
Approximately 2.2 million cards were affected.
The company declined further comment other than to point out consumers received regular updates, including through the website, a toll-free hotline and the
news media.
Jerry Bryan of Bryan Consulting Inc. in St. Louis said clients of the communications and technology firm are advised to get information out as quickly as
possible, including through social media, when there are problems with company products or services.
“It runs counter to what most corporate managers believe: ‘I can’t say anything because I don’t have all the facts,’” Bryan said. “By the time you know all the
facts, the public is blaming you.”
He said companies must help consumers understand that the companies also have been victimized, in this case by cybercriminals.
“Jimmy John’s had a security breach, and my first inclination is to think Jimmy John’s did this,” Bryan said. “Something has to make me slow down just
enough to realize somebody attacked Jimmy John’s.”
The Illinois attorney general’s office received more than 3,000 identity theft complaints in 2013, second only to 4,300 consumer debt complaints. Identity
theft has been the fastest-growing category in recent years.
Madigan said the question of consumer notification regularly comes up following a security breach but that consumers themselves remain the best defense
against identity theft.
“They should be watching their debit and credit card information,” Madigan said. “We’re encouraging them to have transaction alerts on credit and debit
cards. There are some very basic things that should just be part of their routine.”
***
Want more information?
http://www.sj-r.com/article/20140928/News/140929507?template=printart 10/27/2014
2. Jimmy John’s security breach latest test of consumer notice - Gate House Page 2 of 2
Jimmy John’s restaurant chain has posted information on the recent breach of credit and debit card purchases at jimmyjohns.com. Consumers who believe
their card was compromised also can call (855) 398-6442.
Additional information on identity theft is available from the Illinois attorney general’s office at illinoisattorneygeneral.gov or by calling the state identity theft
hotline at (866) 999-5630.
Contact Tim Landis: 788-1536, tim.landis@sj-r.com, twitter.com/timlandisSJR.
http://www.sj-r.com/article/20140928/News/140929507 Print Page
http://www.sj-r.com/article/20140928/News/140929507?template=printart 10/27/2014