Business Continuity & Cyber Security Incident Log w/e 17/3/2017


Home Depot Data Breach costs to top $179m

Home Depot, the retailer hit by a cyber attack in 2014 has agreed to pay  a further $27.25 million to affected financial institutions.

A “fixed payment award” of about $2 per compromised payment card will be paid to Banks that file valid claims will get without having to prove their losses, even if they have received compensation from another source.

According to the settlement documents, those that can prove their losses could receive an additional “documented damages award” of up to 60% of their uncompensated costs.

Jim Nussle, chief executive of the Credit Union National Association, said in a news release: “Credit unions and their members have unfortunately borne the brunt of lax merchant data security standards, this settlement would be a step toward making them whole again.”

In September 2014, Home Depot disclosed  that hackers had stolen payment card data from customers who made purchases at self-checkout terminals between April 10, 2014, and Sept. 13, 2014. A separate file of customer email addresses was also stolen.

US Justice Department to charge 4 hackers in Yahoo data breach

U.S Department of Justice is expected to file charges against the four hackers who are suspected of leading one the huge Yahoo breaches. It has been reported that one of the suspects resides in Canada while three reside in Russia

The data leak caused mass panic and anxiety among millions of individuals, especially because the Yahoo rescinded the option to delete accounts.

Comment by Steve Dance of RiskCentric: this action gives an indication of the potential reputational consequence of the breach: customers would hardly likely rejoin Yahoo once they had deleted their account