PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Epilogue to the St. Louis Cardinals Baseball Hacking Case

St Louis Cardinals Hacking Baseball

A while ago, I wrote about a case involving a member of the St. Louis Cardinals baseball team staff who improperly accessed a database of the Houston Astros.   There is now an epilogue to report in the case.  The individual who engaged in the illegal access — a scouting director named Chris Correa — […]

The Funniest Hacker Stock Photos 3.0

Hacker Santa

It’s time for a third installment of the funniest hacker stock photos.  Because I create information security awareness training (and HIPAA security training too), I’m always in the hunt for hacker photos.   There are so many absurd ones that I can make enough Funniest Hacker Stock Photo posts to keep pace with Disney in making […]

Notable Privacy and Security Books 2016

Notable Privacy Security Books 2016 - TeachPrivacy 01

Here are some notable books on privacy and security from 2016. To see a more comprehensive list of nonfiction works about privacy and security, Professor Paul Schwartz and I maintain a resource page on Nonfiction Privacy + Security Books.

When Do Data Breaches Cause Harm?

  Harm has become the key issue in data breach cases. During the past 20 years, there have been hundreds of lawsuits over data breaches. In many cases, the plaintiffs have evidence to establish that reasonable care wasn’t used to protect their data. But the cases have often been dismissed because courts conclude that the […]

Black Mirror: A Powerful Look at the Dark Side of Privacy, Security, and Technology

In a series of posts, I have written about some of my favorite media regarding privacy and security: TV shows, movies, and novels. When I wrote about TV shows, a number of people recommended the show Black Mirror. I have now seen all the episodes thus far, and I am happily adding it to the […]

Phishing Cartoon: Why Do Phishers Keep Sending Obvious Scam Emails?

Phishing Cartoon

Why do phishers waste their time with such obvious phishing scams when they can do so much better? One possible answer: They don’t have to do better.  They send out so many emails that they only need a very low percentage of people to click.  And people always do.  In fact, if phishing emails became […]

Clearing Up the Fog of Cloud Service Agreements

Contracting with cloud service providers has long been a world shrouded in fog. Across various organizations, cloud service agreements (CSAs) are all over the place, and often many people entering into these contracts have no idea what provisions they should have to protect their data.

The Funniest Password Recovery Questions and Why Even These Don’t Work

Passwords

  A recent article in Wired argues that it is time to kill password recovery questions. Password recovery questions are those questions that you set up in case you forget your password. Common questions are: In what city were you born? What is your mother’s maiden name? Where did you go to high school?

Ransomware: A Cartoon to Brighten More Bad News

Ransomware cartoon

I have good news and bad news about ransomware.  First, the good news — here’s a cartoon I created.  I hope you enjoy it, because that’s the only good news i have.  Now, for the bad news . . . The Bad News: Be Afraid, Very Afraid Everyone seems to be afraid of ransomware these […]